Rite Aid 2024 Data Breach

Rite Aid Pharmacy Chain Breach (2024): 12 Million Customer Records Including Driver's License Exposed via Employee Impersonation
ObscureIQ Breach Intelligence

Classification Tags

Pharmacy · Driver's License · Full Name · Phone Number · Physical Address
Low Severity · Website / service breach

U.S. pharmacy chain providing prescriptions, retail health products, and related services.

Verified by ObscureIQ Intelligence
Breach Risk Index: 0/100
Data Value: 35

Breach Intelligence Summary

Entity: Rite Aid · Actor: Unknown · Sources: 2 references
Attack: Unknown
Profile: Company · Pharmacy retail and healthcare services · Drugstore chain · USA
Timeline: Breach (2024-06-06) · Year (2024)
Exposure: 12.3M records · 4 fields: Driver's License, Full Name, Phone Number, Physical Address
Status: Reported

Executive Summary

Rite Aid, the third-largest pharmacy chain in the United States, suffered a data breach in June 2024 after an attacker impersonated a company employee to obtain business credentials and access customer systems. The intrusion, a social engineering attack, was detected and shut down within 12 hours. The ransomware group RansomHub claimed responsibility and published a sample of the stolen data. Approximately 2.2 million customers were affected, with records drawn from purchases made between June 2017 and July 2018. The exposed data included names, home addresses, dates of birth, and driver's license numbers. Because Rite Aid operates in a pharmacy context, affected individuals face elevated risk beyond standard identity theft. The combination of government-issued ID details and purchase history can enable targeted health-themed scams or expose sensitive care and medication relationships to bad actors. Rite Aid began notifying affected customers in July 2024 and offered identity monitoring services. A class-action lawsuit filed in the Eastern District of Pennsylvania alleged the stolen data had been stored unencrypted and that notification was unreasonably delayed. In March 2025, Rite Aid agreed to a $6.8 million settlement. Class members may be eligible for up to $10,000 in documented losses and two years of credit monitoring. Affected individuals should monitor their credit, watch for suspicious communications referencing health or pharmacy activity, and consider placing a fraud alert or credit freeze with the major credit bureaus.

ObscureIQ assessment: Severe risk of identity theft, fraud, and privacy harm. Pharmacy and prescription context can also enable targeted health-themed scams and expose sensitive medication or care relationships.

Breach Impact

On June 6, 2024, an attacker impersonated a Rite Aid employee to compromise business credentials and gain access to customer systems — a social engineering attack the company detected and terminated within 12 hours. RansomHub claimed responsibility and published a sample of stolen data. Rite Aid confirmed the breach affected approximately 2.2 million customers whose purchase records from June 2017 through July 2018 were exposed, including names, addresses, dates of birth, and driver's license numbers. The company began notifying victims in July 2024 and offered identity monitoring services. A class-action lawsuit filed in the Eastern District of Pennsylvania alleged the stolen data was stored unencrypted and that notification was delayed. In March 2025 Rite Aid agreed to a $6.8 million settlement, with class members eligible for up to $10,000 in documented losses and two years of credit monitoring.

About Rite Aid

Rite Aid is the third-largest pharmacy chain in the United States, operating retail pharmacy locations across 15 states offering prescription services, over-the-counter health products, and general merchandise. The company is headquartered in Philadelphia. It has operated under significant financial and legal pressure throughout the early 2020s, including class action exposure related to opioid dispensing practices.

Why They Hold Your Data

Pharmacy retailers collect highly sensitive customer identity, contact details, prescription and pharmacy records, payment-adjacent data, loyalty activity, and healthcare-service interactions across retail and clinical workflows.

Recent Developments

Rite Aid filed for Chapter 11 bankruptcy in October 2023, citing federal lawsuits and financial liabilities related to the opioid crisis. It closed more than 700 stores as part of the restructuring and emerged from bankruptcy in September 2024 as a private company under a reorganization plan approved by a federal judge in June 2024. The 2024 data breach occurred during this bankruptcy and restructuring period.

Data Points Exposed

4 verified field types
  • Driver's License: Critical
  • Full Name: High
  • Phone Number
  • Physical Address: High

Exploitation & Downstream Threats

Threat Activity: Critical
Primary downstream threats:
  • SIM swap attacks where phone numbers are present
  • Doxxing risk from physical address exposure
Threat vectors:
  • Identity fraud & vehicle-related crime
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Recommended Actions

If you believe your information may be included:

  • Protect Your ID Documents: Government-ID exposure enables document fraud; monitor and report misuse.
  • Enable MFA Everywhere: Turn on multi-factor authentication on email first, then financial accounts.
  • Report & Recover: If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Rite Aid breach?

Rite Aid, the third-largest pharmacy chain in the United States, suffered a data breach in June 2024 after an attacker impersonated a company employee to obtain business credentials and access customer systems. The intrusion, a social engineering attack, was detected and shut down within 12 hours.…

What data was exposed?

Verified fields include Driver's License, Full Name, Phone Number, Physical Address.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

  • Breach Index (DataBreach.com): Record & field corroboration
  • ObscureIQ Intelligence (ObscureIQ proprietary analysis): Risk Index scoring & downstream-threat assessment
