‘Wegmans’ has announced a data breach incident due to a cloud storage misconfiguration that has irreversibly exposed the sensitive data of a large number of its customers. The notice warns the exposed individuals of the fact and informs them that the data leak started on April 19, 2021. The company is still investigating the incident and is working with a forensics firm to secure its systems from similar occurrences in the future.
The details that have been potentially exposed to unauthorized individuals are the following:
The company specifically rules out the impact of social security number exposure, payment card, or banking information. As it boldly underlines, they don’t collect this type of data in the first place. One more clarification that is given is that the passwords were hashed and salted, so there’s some encryption involved; however, no details about which algorithm was used for this purpose were given. As such, if you have an account on Wegmans or if you use the same credentials elsewhere, we would suggest that you reset your password immediately.
Wegmans is a large American supermarket chain that operates 106 stores in seven states, with almost half of them being in New York. The company hasn’t given an exact number, but it will count millions of regular buyers if this affects the entire customer base. That is especially the case after the pandemic year, which pushed people to shop online and have their orders delivered. Wegmans talks about two databases, so this may or may not concern a limited set.
Kevin Dunne, President at Pathlock, has shared the following comment with TechNadu:
If you are a customer of Wegmans, just reset your password on the platform and pick something strong and unique. If you are worried and need more information on how to stay protected from the arising risks, call the firm’s line at 1-855-535-1851. In the meantime, watch out for scamming and phishing attempts via email, SMS, or even post mail.