US grocery retailer, Albertsons, has suffered a data breach resulting in the potential exposure of personal information belonging to around 33,000 employees. The incident occurred in December, but only came to light recently following regulatory notices filed by the company in multiple states.
The compromised information includes names, driver’s license numbers, and ID card numbers. Albertsons has reportedly launched an investigation into the matter and engaged a leading global forensics firm.
A letter to employees from the company dated April 21st stated that “an unauthorized third party gained access to its systems, infecting its systems with malware. Upon discovery, Albertsons immediately launched a forensic investigation, took steps to prevent any further unauthorized access”. The company has offered credit monitoring services to affected employees for a select period of time.
The news of the data breach follows similar incidents at other US retailers in recent months. In January, Kroger announced that its pharmacy and clinic subsidiary, Kroger Health, had suffered a data breach resulting in the exposure of personal and health information belonging to patients. The following month, Walgreens notified around 72,000 customers of a similar incident that had occurred at a third-party service provider used by the company.
The US retail sector has been hit hard by cyberattacks in recent years, with experts warning that the trend is likely to continue as hackers target retailers’ vast stores of personal information.
Data breaches can be extremely costly for businesses, with IBM’s annual Cost of a Data Breach report indicating that the average cost of a data breach is around $3-4 million.
In addition to financial losses, breaches can also result in significant reputational damage for companies, particularly where the sensitive personal information of employees and customers has been compromised.
