Ahold Delhaize confirms data stolen after threat group claims credit for November attack
Cybersecurity Dive · Sam Silverstein/Cybersecurity Dive

In This Article:

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter.

Ahold Delhaize confirmed Thursday that certain files from its U.S. operations were stolen in a November cyberattack after a threat group claimed credit for the incident.

The threat group, tracked as Inc Ransom, claimed in a Wednesday post on its leak site to have up to 6 TB of sensitive data from the Netherlands-based supermarket operator’s U.S. division and threatened to release the information if its demands are not met, according to researchers at Arctic Wolf. The attackers have not said what those demands are.

“Since the incident was detected, our teams have been working diligently to determine what information may have been affected,” Ahold Delhaize USA said in a statement.

Ahold Delhaize added that it is working with outside forensics experts to confirm what information was taken and will disclose that information to affected individuals in accordance with legal obligations. The company said it has also notified and updated law enforcement on the matter. 

The attack disrupted e-commerce operations at Ahold Delhaize USA’s Hannaford banner and also impacted certain pharmacy and e-commerce operations elsewhere in the U.S. Ahold Delhaize’s U.S. business includes Giant Food, Stop & Shop, Food Lion and The Giant Company in addition to Hannaford.

Hannaford, which runs nearly 200 supermarkets in four Northeastern states, was forced to halt pickup and delivery orders for several days because of the incident, which it described at the time as a “cybersecurity issue.”

The grocer indicated that its physical stores remained open despite the incident, with most accepting all major payment methods, including credit cards.

Ahold Delhaize USA temporarily took some systems offline in response to the attack “to help protect them,” the company said in a Nov. 8 statement.

Hannaford’s website displayed a message that said it was dealing with “technical issues with our servers.” The company’s other U.S. grocery banners’ websites appeared to remain operational, but all carried an identical note that said users might experience disruptions and reduced availability for e-commerce services because of “system outages.”

Ahold Delhaize’s Thursday disclosure that it had suffered a data breach comes about a week after the company confirmed that Ann Dozier had been onboarded as the chief information officer of the U.S. business. 


Waiting for permission
Allow microphone access to enable voice search

Try again.