In early June, an unknown third party impersonated a Rite Aid employee to gain access to its systems, the company said July 15.
Within 12 hours of the security incident, Rite Aid detected the computer hack and launched an investigation. The organization alerted law enforcement and regulators, and no social security numbers, financial records or patient information was affected, Rite Aid said.
The third party acquired data on the purchases of specific retail products between June 2017 and July 2018. The data included the purchaser's name, address, date of birth and government-issued ID.
"We regret that this incident occurred and are implementing additional security measures to prevent potentially similar attacks in the future," the company said in a statement. "We take our obligation to safeguard personal information very seriously and are alerting affected consumers about this incident."
It is unclear how many customers might be affected. Becker's has reached out to Rite Aid for more information and will update this article if more details become available.