
Rite Aid is a full-service pharmacy committed to improving health outcomes. Rite Aid is defining the modern pharmacy by meeting customer needs with a wide range of solutions that offer convenience, including retail and delivery pharmacy, as well as services offered through our wholly owned subsidiary Bartell Drugs. Regional chain Bartell Drugs has supported the health and wellness needs in the Seattle area for more than 130 years. For more information, visit www.riteaid.com.

RITE AID A.I CyberSecurity Scoring

RITE AID

Company Details

Linkedin ID: riteaid

Employees number: 30,858

Number of followers: 121,870

NAICS: 43

Industry Type: Retail

Homepage: riteaid.com

IP Addresses: 120

Company ID: RIT_5472657

Scan Status: Completed

RITE AID Risk Score (AI oriented)

Between 600 and 649

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score when calculating premiums
RITE AID Global Score (TPRM)

XXXX


RITE AID Company CyberSecurity News & History

Past Incidents: 9
Attack Types: 3

RITE AID
Breach
Severity: 50
Impact: 4
Seen: 05/2017
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The Rite Aid pharmacy chain suffered a data breach after an unauthorized individual stole sensitive customer information over a period of 10 weeks. The compromised information includes personal data and credit card details, names, addresses, and all payment information including CVV numbers. Rite Aid collaborated with investigators to identify the origin of the breach and provide strategies for future avoidance. Additionally, they assisted with investigations for credit card firms. A full year of free credit monitoring was provided to affected people.

Rite Aid Corporation
Breach
Severity: 60
Impact: 3
Seen: 8/2018
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: The California Office of the Attorney General reported on October 1, 2018, that Rite Aid Corporation experienced a data breach on August 30, 2018. The breach involved the inadvertent inclusion of Rite Aid associates' personal information, such as names, contact information, and Social Security numbers, in a file sent to Empower Retirement due to a programming update. The number of affected individuals is currently unknown.

Rite Aid Corporation
Breach
Severity: 85
Impact: 4
Seen: 8/2014
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General reported that Rite Aid Corporation experienced a data security issue involving PNI Digital Media between August 20, 2014, and July 14, 2015. This incident potentially exposed customer names, addresses, phone numbers, email addresses, and payment card information. The report was made on September 22, 2015, and no notification letter was explicitly mentioned.

Rite Aid
Breach
Severity: 85
Impact: 4
Seen: 6/2017
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: On July 15, 2024, the Vermont Office of the Attorney General reported a data breach involving Rite Aid that occurred on June 6, 2024. An unauthorized third party accessed certain business systems by impersonating an employee, potentially compromising purchaser names, addresses, dates of birth, and driver's license numbers of individuals who made purchases between June 6, 2017, and July 30, 2018. No financial or Social Security numbers were impacted.

Rite Aid
Breach
Severity: 85
Impact: 4
Seen: 6/2017
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: Rite Aid faced a cyberattack that resulted in a $6.8 million settlement due to a breach that compromised the personal information of over 2 million customers. Between June 6, 2017, and July 30, 2018, attackers, posing as a Rite Aid employee, gained access to business systems and exfiltrated personal details including names, addresses, birth dates, and government IDs. The breach was identified quickly, and the company undertook an internal investigation to address the situation.

Rite Aid Online Store, Inc.
Breach
Severity: 85
Impact: 4
Seen: 1/2017
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: On May 17, 2017, the Washington State Office of the Attorney General reported a data breach involving Rite Aid Online Store, Inc. The breach occurred between January 30, 2017, and April 11, 2017, affecting approximately 657 Washington residents. The incident potentially exposed their names, addresses, email addresses, and payment card information. This breach highlights the vulnerability of online retailers to cyber threats and the importance of robust security measures to protect customer data.

Rite Aid Corporation
Cyber Attack
Severity: 85
Impact: 4
Seen: 6/2024
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The Washington State Office of the Attorney General reported a data breach involving Rite Aid Corporation on July 15, 2024. The breach occurred on June 6, 2024, due to a phishing cyberattack that potentially affected 96,270 individuals, compromising names, driver's license numbers, and full dates of birth.

Rite Aid Corporation
Cyber Attack
Severity: 85
Impact: 4
Seen: 5/2023
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The Washington State Office of the Attorney General reported a data breach involving Rite Aid Corporation on May 27, 2023. The breach potentially affected 1,409 individuals, exposing personal information including names, full dates of birth, health insurance policy or ID numbers, and medical information. The notification was reported on July 19, 2023, and was associated with a cyberattack.

Rite Aid Corporation
Ransomware
Severity: 100
Impact: 4
Seen: 5/2023
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The Rite Aid Corporation, a leading American drugstore chain, disclosed a significant data breach when it fell victim to the RansomHub ransomware attack in June. The breach resulted in the theft of 10 GB of data, comprising around 45 million records of personal information including names, addresses, driver's license numbers, dates of birth, and rewards numbers. This cyber incident follows a previous breach in May 2023, indicating a pattern of security challenges for the company.


Underwriter Stats for RITE AID

Incidents vs Retail Industry Average (This Year)

No incidents recorded for RITE AID in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for RITE AID in 2025.

Incident Types RITE AID vs Retail Industry Avg (This Year)

No incidents recorded for RITE AID in 2025.

Incident History — RITE AID (X = Date, Y = Severity)

RITE AID cyber incidents detection timeline including parent company and subsidiaries


RITE AID Similar Companies

American Eagle Outfitters Inc.

American Eagle Outfitters (AEO) is a portfolio of unique, loved and enduring brands: American Eagle, Aerie, OFFL/NE by Aerie, Todd Snyder and Unsubscribed. We provide a welcoming and engaging customer and associate experience, and we embrace all. Merchandise assortments consist of high-quality, on-t

BJ's Wholesale Club

At BJ's, we’re focused on delivering unbeatable value and outstanding service to our members, and our culture is instrumental in fulfilling this mission. Our values reflect what is unique about BJ’s culture and are key factors in our past and future success. Explore career opportunities at BJ's and

Titan Company Limited

Titan Company Ltd is the organization that brought about a paradigm shift in the Indian watch market when it introduced its futuristic quartz technology, complemented by international styling. With India's two most recognized and loved brands Titan and Tanishq to its credit, Titan Company Ltd is the

SPAR South Africa

There’s something different about shopping at SPAR, that’s because we’ve created a culture of caring and community to ensure our customers have a consistently enjoyable shopping experience in a uniquely friendly and family orientated store. Nothing means more to us than our valued customers and we

Hobby Lobby

In 1970, entrepreneurs David and Barbara Green, along with their young family, began making miniature picture frames in their garage. A few years later, on August 3, 1972, the Green family opened the first Hobby Lobby store with a mere 300 square feet of retail space. Hobby Lobby has not stopped g

Pilot Flying J

Company Overview Headquartered in Knoxville, Tennessee, Pilot Flying J is the largest operator of travel centers in North America with more than 750 locations throughout the United States and Canada and employs more than 24,000 Team Members. Pilot Flying J services over a million guests every day.

Pepco Group

Established in 2015, Pepco Group (WSE: PCO) is a Warsaw Stock Exchange listed operator of the market-leading retail businesses: Pepco, Poundland and Dealz Poland. These businesses provide great product range, value and convenience to over 60 million customers each month in Europe, trading from nearl

Jewel-Osco

Proudly serving our customers in the Chicagoland area since 1899, Jewel-Osco provides friendly service, quality products and great value. Jewel-Osco operates 188 stores throughout the Chicagoland area, Indiana and Iowa, which is part of a 2,200+ store operation that employs approximately 290,000 peo

Kohl's

Kohl’s is a leading omnichannel retailer with more than 1,100 stores in 49 states. Kohl's business is built on a solid foundation of more than 60 million customers, an unmatched brand portfolio, industry-leading loyalty and Kohl's Card programs, a convenient and accessible nationwide store footprin


RITE AID CyberSecurity News

October 30, 2025 09:00 PM
Spotless Brands Adds Matthew Schroeder as CFO, Jason O’Sullivan as SVP of IT to Support Expansion into New Markets

OAKBROOK TERRACE, Ill.--(BUSINESS WIRE)--Spotless Brands (“Spotless”), a premier super-regional car wash company, today announced the...

October 17, 2025 07:00 AM
T-Mobile lifts curtain on new cyber defense center to combat rising security threats

T-Mobile unveils high-tech cybersecurity center to combat rising threats, featuring advanced monitoring and a cyber lab to improve product...

October 16, 2025 07:00 AM
Seattle firm's cybersecurity breach linked to China-backed hackers

F5 Inc. faces a security breach tied to Chinese hackers, according to report. The yearlong intrusion sparks concerns over federal networks...

August 01, 2025 07:00 AM
Rite Aid's $6.8M Data Breach Settlement Gets Final OK

A Pennsylvania federal court has given its final approval to a $6.8 million settlement of data breach claims against now-bankrupt Rite Aid...

July 04, 2025 07:00 AM
Eligible people may now claim $10,000 ― New data breach class action confirmed

As if today's celebrations aren't big enough, a little birdy told us a new data breach class action settlement has been confirmed and some...

June 04, 2025 07:00 AM
Can this pair help Philly land big employers where refineries once stood?

Hilco Global has hired former U.S. Rep. Patrick Murphy and cybersecurity expert Alexander Niejelow to advise corporate clients.

May 16, 2025 07:00 AM
Rite Aid Sale of Customer Health Data Looms as Security Concern

The pending sale of millions of customer health records as part of Rite Aid Corp. 's bankruptcy proceedings is putting a spotlight on data security protections.

May 07, 2025 07:00 AM
Kirkland's Chainguard gets crash course on managing rapid growth

Fast-growing cybersecurity startup Chainguard is keeping its foot on the gas, but remains mindful of possible speed bumps ahead.

April 21, 2025 07:00 AM
Rite Aid’s Bank Lenders at Risk for Rare Losses

Rite Aid's bank lenders risk taking losses as the company weighs a bankruptcy filing, according to loan prices and people familiar with the matter.


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

RITE AID CyberSecurity History Information

Official Website of RITE AID

The official website of RITE AID is http://www.riteaid.com/careers.

RITE AID’s AI-Generated Cybersecurity Score

According to Rankiteo, RITE AID’s AI-generated cybersecurity score is 646, reflecting their Poor security posture.

How many security badges does RITE AID have ?

According to Rankiteo, RITE AID currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does RITE AID have SOC 2 Type 1 certification ?

According to Rankiteo, RITE AID is not certified under SOC 2 Type 1.

Does RITE AID have SOC 2 Type 2 certification ?

According to Rankiteo, RITE AID does not hold a SOC 2 Type 2 certification.

Does RITE AID comply with GDPR ?

According to Rankiteo, RITE AID is not listed as GDPR compliant.

Does RITE AID have PCI DSS certification ?

According to Rankiteo, RITE AID does not currently maintain PCI DSS compliance.

Does RITE AID comply with HIPAA ?

According to Rankiteo, RITE AID is not compliant with HIPAA regulations.

Does RITE AID have ISO 27001 certification ?

According to Rankiteo, RITE AID is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of RITE AID

RITE AID operates primarily in the Retail industry.

Number of Employees at RITE AID

RITE AID employs approximately 30,858 people worldwide.

Subsidiaries Owned by RITE AID

RITE AID presently has no subsidiaries across any sectors.

RITE AID’s LinkedIn Followers

RITE AID’s official LinkedIn profile has approximately 121,870 followers.

NAICS Classification of RITE AID

RITE AID is classified under the NAICS code 43, which corresponds to Retail Trade.

RITE AID’s Presence on Crunchbase

Yes, RITE AID has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/rite-aid.

RITE AID’s Presence on LinkedIn

Yes, RITE AID maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/riteaid.

Cybersecurity Incidents Involving RITE AID

As of November 27, 2025, Rankiteo reports that RITE AID has experienced 9 cybersecurity incidents.

Number of Peer and Competitor Companies

RITE AID has an estimated 15,247 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at RITE AID ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach and Cyber Attack.

What was the total financial impact of these incidents on RITE AID ?

Total Financial Loss: The total financial loss from these incidents is estimated to be $6.80 million.

How does RITE AID detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through third-party assistance from investigators and credit card firms, and through recovery measures that included providing a full year of free credit monitoring to affected people.

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: Rite Aid Data Breach

Description: Rite Aid pharmacy chain suffered from a data breach incident after an unauthorized individual stole sensitive customer information for a period of 10 weeks.

Type: Data Breach

Threat Actor: Unauthorized Individual

Incident : Data Breach

Title: Rite Aid Corporation Data Breach

Description: Rite Aid Corporation suffered a data breach due to a RansomHub ransomware attack, resulting in the theft of 10 GB of data comprising around 45 million records of personal information.

Date Detected: June 2023

Date Publicly Disclosed: June 2023

Type: Data Breach

Attack Vector: Ransomware

Threat Actor: RansomHub

Motivation: Financial Gain

Incident : Data Breach

Title: Rite Aid Data Breach

Description: Rite Aid faced a cyberattack that resulted in a $6.8 million settlement due to a breach that compromised the personal information of over 2 million customers. Between June 6, 2017, and July 30, 2018, attackers, posing as a Rite Aid employee, gained access to business systems and exfiltrated personal details including names, addresses, birth dates, and government IDs. The breach was identified quickly, and the company undertook an internal investigation to address the situation.

Type: Data Breach

Attack Vector: Phishing

Motivation: Data Theft

Incident : Data Breach

Title: Rite Aid Corporation Data Breach

Description: The Washington State Office of the Attorney General reported a data breach involving Rite Aid Corporation on July 15, 2024. The breach occurred on June 6, 2024, due to a phishing cyberattack that potentially affected 96,270 individuals, compromising names, driver's license numbers, and full dates of birth.

Date Detected: 2024-06-06

Date Publicly Disclosed: 2024-07-15

Type: Data Breach

Attack Vector: Phishing

Incident : Data Breach

Title: Rite Aid Online Store Data Breach

Description: A data breach involving Rite Aid Online Store, Inc. that occurred between January 30, 2017, and April 11, 2017, affecting approximately 657 Washington residents and potentially exposing their names, addresses, email addresses, and payment card information.

Date Detected: 2017-04-11

Date Publicly Disclosed: 2017-05-17

Type: Data Breach

Incident : Data Breach

Title: Rite Aid Corporation Data Breach

Description: The Washington State Office of the Attorney General reported a data breach involving Rite Aid Corporation, which occurred on May 27, 2023. The breach potentially affected 1,409 individuals, exposing personal information including names, full dates of birth, health insurance policy or ID numbers, and medical information. The notification was reported on July 19, 2023, and was associated with a cyberattack.

Date Detected: 2023-05-27

Date Publicly Disclosed: 2023-07-19

Type: Data Breach

Incident : Data Breach

Title: Rite Aid Data Breach

Description: An unauthorized third party accessed certain business systems by impersonating an employee, potentially compromising purchaser names, addresses, dates of birth, and driver's license numbers of individuals who made purchases between June 6, 2017, and July 30, 2018.

Date Detected: 2024-07-15

Date Publicly Disclosed: 2024-07-15

Type: Data Breach

Attack Vector: Impersonation

Vulnerability Exploited: Employee Impersonation

Threat Actor: Unauthorized Third Party

Incident : Data Breach

Title: Rite Aid Corporation Data Security Issue

Description: The California Office of the Attorney General reported that Rite Aid Corporation experienced a data security issue involving PNI Digital Media between August 20, 2014, and July 14, 2015, potentially exposing customer names, addresses, phone numbers, email addresses, and payment card information.

Date Detected: July 14, 2015

Date Publicly Disclosed: September 22, 2015

Type: Data Breach

Incident : Data Breach

Title: Rite Aid Corporation Data Breach

Description: The California Office of the Attorney General reported on October 1, 2018, that Rite Aid Corporation experienced a data breach on August 30, 2018. The breach involved the inadvertent inclusion of Rite Aid associates' personal information, such as names, contact information, and Social Security numbers, in a file sent to Empower Retirement due to a programming update. The number of affected individuals is currently unknown.

Date Detected: 2018-08-30

Date Publicly Disclosed: 2018-10-01

Type: Data Breach

Attack Vector: Inadvertent Data Exposure

Vulnerability Exploited: Programming Update Error

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The attack vectors identified in the incidents are Phishing and Employee Impersonation.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach RIT104471022

Data Compromised: Personal data, Credit card details

Incident : Data Breach RIT000071424

Data Compromised: Names, Addresses, Driver's license numbers, Dates of birth, Rewards numbers

Incident : Data Breach RIT522030625

Financial Loss: 6.8 million USD

Data Compromised: Personal Information

Incident : Data Breach RIT755072725

Data Compromised: Names, Driver's license numbers, Full dates of birth

Incident : Data Breach RIT429072825

Data Compromised: Names, Addresses, Email addresses, Payment card information

Incident : Data Breach RIT949072925

Data Compromised: Names, Full dates of birth, Health insurance policy or id numbers, Medical information

Incident : Data Breach RIT238072925

Data Compromised: Purchaser names, Addresses, Dates of birth, Driver's license numbers

Incident : Data Breach RIT022080525

Data Compromised: Customer names, Addresses, Phone numbers, Email addresses, Payment card information

Incident : Data Breach RIT424080525

Data Compromised: Names, Contact information, Social security numbers

What is the average financial loss per incident ?

Average Financial Loss: The average financial loss per incident is $755.56 thousand.

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Data, Credit Card Details, Names, Addresses, Driver's License Numbers, Dates of Birth, Rewards Numbers, Personal Information, Full Dates of Birth, Email Addresses, Payment Card Information, Health Insurance Policy or ID Numbers, Medical Information, Purchaser Names, Customer Names, Phone Numbers, Contact Information and Social Security Numbers.

Which entities were affected by each incident ?

Incident : Data Breach RIT104471022

Entity Name: Rite Aid

Entity Type: Pharmacy Chain

Industry: Retail

Incident : Data Breach RIT000071424

Entity Name: Rite Aid Corporation

Entity Type: Drugstore Chain

Industry: Retail

Location: United States

Customers Affected: 45000000

Incident : Data Breach RIT522030625

Entity Name: Rite Aid

Entity Type: Company

Industry: Pharmacy

Customers Affected: Over 2 million

Incident : Data Breach RIT755072725

Entity Name: Rite Aid Corporation

Entity Type: Corporation

Industry: Retail

Customers Affected: 96270

Incident : Data Breach RIT429072825

Entity Name: Rite Aid Online Store, Inc.

Entity Type: Retail

Industry: Pharmacy

Location: Washington

Customers Affected: 657

Incident : Data Breach RIT949072925

Entity Name: Rite Aid Corporation

Entity Type: Corporation

Industry: Healthcare

Customers Affected: 1409

Incident : Data Breach RIT238072925

Entity Name: Rite Aid

Entity Type: Retail

Industry: Pharmacy

Incident : Data Breach RIT022080525

Entity Name: Rite Aid Corporation

Entity Type: Corporation

Industry: Retail

Incident : Data Breach RIT424080525

Entity Name: Rite Aid Corporation

Entity Type: Corporation

Industry: Retail

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach RIT104471022

Third Party Assistance: Investigators, Credit Card Firms.

Recovery Measures: Provided a full year of free credit monitoring to affected people

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Investigators and Credit Card Firms.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach RIT104471022

Type of Data Compromised: Personal data, Credit card details

Personally Identifiable Information: Names, Addresses

Incident : Data Breach RIT000071424

Type of Data Compromised: Names, Addresses, Driver's license numbers, Dates of birth, Rewards numbers

Number of Records Exposed: 45000000

Sensitivity of Data: High

Incident : Data Breach RIT522030625

Type of Data Compromised: Personal Information

Number of Records Exposed: Over 2 million

Sensitivity of Data: High

Data Exfiltration: Yes

Personally Identifiable Information: Yes

Incident : Data Breach RIT755072725

Type of Data Compromised: Names, Driver's license numbers, Full dates of birth

Number of Records Exposed: 96270

Incident : Data Breach RIT429072825

Type of Data Compromised: Names, Addresses, Email addresses, Payment card information

Number of Records Exposed: 657

Personally Identifiable Information: Names, Addresses, Email addresses

Incident : Data Breach RIT949072925

Type of Data Compromised: Names, Full dates of birth, Health insurance policy or id numbers, Medical information

Number of Records Exposed: 1409

Sensitivity of Data: High

Incident : Data Breach RIT238072925

Type of Data Compromised: Purchaser names, Addresses, Dates of birth, Driver's license numbers

Sensitivity of Data: High

Incident : Data Breach RIT022080525

Type of Data Compromised: Customer names, Addresses, Phone numbers, Email addresses, Payment card information

Incident : Data Breach RIT424080525

Type of Data Compromised: Names, Contact information, Social security numbers

Sensitivity of Data: High

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Data Breach RIT000071424

Ransomware Strain: RansomHub

Data Exfiltration: True

How does the company recover data encrypted by ransomware ?

Data Recovery from Ransomware: The company recovers data encrypted by ransomware through the following measure: providing a full year of free credit monitoring to affected people.

References

Where can I find more information about each incident ?

Incident : Data Breach RIT000071424

Source: Cyber Incident Description

Incident : Data Breach RIT755072725

Source: Washington State Office of the Attorney General

Date Accessed: 2024-07-15

Incident : Data Breach RIT429072825

Source: Washington State Office of the Attorney General

Date Accessed: 2017-05-17

Incident : Data Breach RIT949072925

Source: Washington State Office of the Attorney General

Date Accessed: 2023-07-19

Incident : Data Breach RIT238072925

Source: Vermont Office of the Attorney General

Date Accessed: 2024-07-15

Incident : Data Breach RIT022080525

Source: California Office of the Attorney General

Date Accessed: September 22, 2015

Incident : Data Breach RIT424080525

Source: California Office of the Attorney General

Date Accessed: 2018-10-01

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: Cyber Incident Description; Washington State Office of the Attorney General (Date Accessed: 2024-07-15); Washington State Office of the Attorney General (Date Accessed: 2017-05-17); Washington State Office of the Attorney General (Date Accessed: 2023-07-19); Vermont Office of the Attorney General (Date Accessed: 2024-07-15); California Office of the Attorney General (Date Accessed: September 22, 2015); and California Office of the Attorney General (Date Accessed: 2018-10-01).

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach RIT522030625

Investigation Status: Completed

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach RIT522030625

Entry Point: Phishing

Incident : Data Breach RIT238072925

Entry Point: Employee Impersonation

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach RIT522030625

Root Causes: Phishing Attack

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Investigators, Credit Card Firms.

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking groups in the last incident were an Unauthorized Individual, RansomHub and an Unauthorized Third Party.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was in June 2023.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2018-10-01.

Impact of the Incidents

What was the highest financial loss from an incident ?

Highest Financial Loss: The highest financial loss from an incident was 6.8 million USD.

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were: Personal Data, Credit Card Details; names, addresses, driver's license numbers, dates of birth, rewards numbers; Personal Information, names, driver's license numbers, full dates of birth; names, addresses, email addresses, payment card information; names, full dates of birth, health insurance policy or ID numbers, medical information; Purchaser names, Addresses, Dates of birth, Driver's license numbers; customer names, addresses, phone numbers, email addresses, payment card information; Names, Contact Information, Social Security Numbers.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was investigators and credit card firms.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were dates of birth, driver's license numbers, phone numbers, addresses, health insurance policy or ID numbers, Names, Personal Data, Social Security Numbers, Purchaser names, Dates of birth, Contact Information, rewards numbers, email addresses, names, Addresses, customer names, Credit Card Details, payment card information, Driver's license numbers, medical information, Personal Information and full dates of birth.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.0M.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are Cyber Incident Description, Vermont Office of the Attorney General, Washington State Office of the Attorney General and California Office of the Attorney General.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Completed.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry points used by an initial access broker were Phishing and Employee Impersonation.

Latest Global CVEs (Not Company-Specific)

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is an XSRF token leakage via protocol-relative URLs in Angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL is protocol-relative (starts with //), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.

Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=riteaid' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.