DAYTON, Ohio (WDTN) – If you are a customer of Rite Aid, an “unknown third party” may have accessed your personal information in a recent data breach, the company says.
In a release obtained by Nexstar’s WDTN, Rite Aid said the company learned on May 31 that a “vulnerability” in a vendor partner’s software had been exploited.
Rite Aid said that once it was told about the exploit, it installed and updated its systems as well as the provider’s software. In the process, Rite Aid discovered that, on May 27, the “third party” managed to access files containing personal customer information.
Customer information in the files included:
- Patient First and Last Name
- Date of Birth
- Address
- Prescription Information
- Limited Insurance Information
- Cardholder ID
- Plan Name
Social Security numbers and credit card numbers were not accessed in the breach, according to Rite Aid.
“We regret that this incident occurred,” Rite Aid says. “We immediately reported it to law enforcement as well as appropriate federal and state regulators. We take our obligation to safeguard personal information very seriously and are alerting consumers about this issue in case they would like to take any steps to help protect themselves.”
The company recommends that customers take action to protect their information. Those who want to receive a free credit report can do so by clicking here.
Letters were sent out July 20 to Rite Aid customers who may be affected. More information about the breach can be found by calling the assistance line at 1-866-373-9172. The line will be available until Oct. 19.
Rite Aid customers who do not receive a letter can still call to see if their information was affected.
