Retail grocery giant cyber attack impacts millions | Official Website of Louis Velazquez, entrepreneur, finance guy and tech innovator

Almost every retail chain has an app today. I never install them. Never. No savings make using them worth the potential problems they bring.

After all, nothing in life is free. There’s always a catch. Always question what the company gets when you “just install this app”.

I often hear from people that because “they have nothing to hide,” they don’t need to worry about privacy on the internet. That really understates the risk of sharing data.

I’d love to see those same people magically compelled to tell everyone every thought that goes through their heads.

Giving access to your data to any company or organization should be done only if you have to, app or not. The more entities that have access to it, the more exposed you are. It’s like giving keys to your home to everyone who requests a copy.

Ahold Delhaize’s Food Lion store, one of many that were part of the data breach incident.

ablokhin via Getty Images

Retailers are increasingly being targeted by hacking groups

Hackers see hacking as a business, even though it is illegal. Cybersecurity company Cybereason recently blogged about Qilin ransomware-as-a-service offering legal counsel for its affiliates.

Can you imagine that? The feature is called “Call Lawyer” and provides legal consultation to the hacker to increase pressure during ransom negotiations. We live in a dark comedy show and don’t know it.

Hackers aren’t picky either. Anything that can be targeted will be targeted. Recently, bigger names hacked include Cartier, Dior, The North Face, and Victoria’s Secret.

Even grocery stores or suppliers can be targets, as shown by the United Natural Foods (UNFI) hack, which resulted in a nationwide outage.

“Because of its tech problems, UNFI had to restrict the service it provides to its clients, reporting that it is now serving them only on ‘a limited basis,” writes Christy Rakoczy for TheStreet.

More Retail:

When a cyberattack occurs, it takes a lot of work to do the forensic investigation and figure out what data (if any) was stolen, and we often get that information with great delay. It doesn’t matter how big or small the company is.

Ahold Delhaize USA data breach affects over 2.2 million

Ahold Delhaize (ADRNY) operates over 2,000 stores in the US under popular brands Food Lion, Giant Food, The GIANT Company, Hannaford, Stop & Shop, and ADUSA Distribution and Transportation.

In November 2024, it announced that it had detected a cybersecurity issue within its U.S. network. Many months later, on June 26th, the company provided an update to the Maine Attorney General’s Office, stating that it had sent written notification to the persons affected by the data breach.

The number of Maine residents affected is 95,463, but the total number of people affected is 2,242,521 across all its stores.

The company disclosed in the notification that stolen files may have included internal employment records containing personal information for past and present workers and their beneficiaries.

The types of information vary by affected individual and can include name, contact information, date of birth, government-issued identification numbers (Social Security, driver’s license numbers, etc.), financial account information, health information, and employment-related information.

I assume most people understand the dangers of having their financial data stolen, but perhaps some don’t know that personal data is as important as it can be used for identity theft and fraud.

The company has arranged with Experian to offer complimentary identity protection and credit monitoring services to affected individuals for two years. These Experian IdentityWorks services include:

Experian Credit Report at Sign-Up,
Credit Monitoring,
Identity Restoration,
Experian IdentityWorks ExtendCARE,
$1 Million Identity Theft Insurance
Internet Surveillance: This service searches the Dark Web and checks for trading or selling of users’ personal information.

Stolen data is often leaked, and hackers recently leaked the data of about 86 million AT&T customers on the dark web.

Yes, what was stolen in this breach was employee data, and it wasn’t from an app. That doesn’t mean that apps aren’t one more potential attack vector. Just like we learn we need to lock our doors, we need to learn how to protect ourselves in the cyber world.