Accellion Security Incident Impacts Kroger Family of Companies Associates and Limited Number of Customers
The Kroger Co. (NYSE: KR) confirmed a data security incident involving Accellion, Inc., affecting certain files accessed through their services. Kroger reported that less than 1% of customers, primarily from Kroger Health and Money Services, were impacted, with no credit card or password data compromised. Following the breach, Kroger terminated its use of Accellion, notified federal law enforcement, and began an investigation. Affected individuals will be offered free credit monitoring.
- Less than 1% of customers affected by the incident.
- No compromise of sensitive financial information.
- Proactive response by offering free credit monitoring.
- Incident may damage customer trust.
- Potential reputational risk stemming from the data breach.
CINCINNATI, Feb. 19, 2021 /PRNewswire/ -- The Kroger Co. (NYSE: KR) Family of Companies today confirmed that it was impacted by the data security incident affecting Accellion, Inc. Accellion's services were used by Kroger, as well as many other companies, for third-party secure file transfers. Accellion notified Kroger that an unauthorized person gained access to certain Kroger files by exploiting a vulnerability in Accellion's file transfer service.
The incident was isolated to Accellion's services and did not affect the Kroger Family of Companies' IT systems or any grocery store systems or data. No credit or debit card information or customer account passwords were affected by this incident. After being informed of the incident's effect on January 23, 2021, Kroger discontinued the use of Accellion's services, reported the incident to federal law enforcement, and initiated its own forensic investigation to review the potential scope and impact of the incident.
At this time, based on the information provided by Accellion and its own investigation, Kroger believes that less than
Protecting data is a priority for the Kroger Family of Companies and it is directly contacting all customers and associates who may have been affected to inform them of the incident. While Kroger has no indication of fraud or misuse of personal information as a result of this incident, out of an abundance of caution Kroger has arranged to offer credit monitoring to all affected individuals at no cost to them.
Additional information and future updates can be found at www.Kroger.com/AccellionIncident.
About The Kroger Co.:
At The Kroger Co. (NYSE: KR), we are Fresh for Everyone™ and dedicated to our Purpose: To Feed the Human Spirit®. We are, across our family of companies, nearly half a million associates who serve over 60 million customers through a seamless shopping experience under a variety of banner names. We are committed to creating #ZeroHungerZeroWaste communities by 2025. To learn more about us, visit our newsroom and investor relations site.
View original content to download multimedia:http://www.prnewswire.com/news-releases/accellion-security-incident-impacts-kroger-family-of-companies-associates-and-limited-number-of-customers-301231891.html
SOURCE The Kroger Co.
FAQ
What data security incident affected Kroger on February 19, 2021?
How many customers were affected by the Kroger data breach?
What steps did Kroger take after the data breach?
Was any sensitive customer information compromised in the Kroger incident?
What assistance is Kroger offering to those affected by the breach?
