Rite Aid Sued Over Impact of Data Breach Said to Affect 24,000

Rite Aid Corp. failed to align with state and federal data protection standards, exposing it to a cyberattack that revealed the personal and medical information of customers, a proposed class action filed in Pennsylvania federal court alleges.

Rite Aid negligently ignored basic security practices like data encryption, allowing hackers access to customer company files after they breached a third-party vendor, the complaint filed in the US District Court for the Eastern District of Pennsylvania alleged.

Plaintiff Betty George and others affected by the breach are now at an increased risk of identity theft, the filing said. The disclosure affected 24,400 ...