The settlement only resolves claims against Kroger, not any claims against Accellion. The proposed settlement covers all 3.82 million individuals affected by the breach, including Kroger employees and customers, and resolves all lawsuits filed against Kroger in relation to the breach. Lawyers for both sides were able to reach an agreement and a preliminary motion for the proposed settlement was recently filed in the United States District Court for The Northern District of California. Plaintiffs in the Kroger lawsuits alleged the pharmacy chain failed to implement and maintain appropriate data security practices to ensure the security of customer information and failed to detect the vulnerabilities that were exploited by the hackers. Several lawsuits have been filed against Kroger and Accellion over the data breach. Kroger said it had stopped using the legacy Accellion FTA service and confirmed it had successfully retrieved the data stolen by the hackers and received assurances that all copies were destroyed. Kroger notified all affected customers and offered them complimentary credit monitoring and identity theft protection services for two years. The attackers returned the stolen data the following day and provided a video demonstrating the stolen data had been deleted.Īpproximately 1% of Kroger Health and Money customers had their sensitive data stolen, including names, contact information, health benefits information, Social Security numbers, prescription information, and other sensitive data. The FBI was notified, and Kroger paid the ransom on February 18, 2021. Kroger was notified about the breach on Januand received a ransom demand from the attackers on February 2. Individual companies were sent demands for payment to prevent the exposure of their stolen data. While ransomware was not used, the attack was linked to the Clop ransomware gang which threatened to publish the exfiltrated data. Hackers exploited several zero-day vulnerabilities in the solution and gained access to the data of more than 100 companies. The Accellion FTA is a legacy solution used to transfer files too large to be sent via email. Kroger was one of many victims of a cyberattack on Accellion’s File Transfer Appliance (FTA) in December 2020. The pharmacy and supermarket chain Kroger has proposed a $5 million settlement to resolve lawsuits filed by victims of data breach that exposed their personal and protected health information. Kroger Proposes $5 Million Settlement to Resolve Data Breach Lawsuits
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |