Dollar Tree was impacted by a third-party data breach stemming from the hack of service provider Zeroed-In Technologies. According to Bleeping Computer, nearly two million customers have been affected. “The information stolen during the attack includes names, dates of birth, and Social Security numbers (SSNs).” From the report: According to a data breach notification shared with the Maine Attorney General, Dollar Tree’s service provider, Zeroed-In, suffered a security incident between August 7 and 8, 2023. As part of this cyberattack, the threat actors managed to steal data containing the personal information of Dollar Tree and Family Dollar employees. “While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor,” reads the letter sent to affected individuals. “Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates.”
The information stolen during the attack includes names, dates of birth, and Social Security numbers (SSNs). Zeroed-In has notified the affected individuals and enclosed instructions on enrolling in a twelve-month identity protection and credit monitoring service. Other Zeroed-In customers apart from Dollar Tree and Family Dollar may have also been impacted by the security breach, but this hasn’t been confirmed yet. Meanwhile, the scale of the data breach has already triggered investigations from law firms looking into a potential class-action lawsuit against Zeroed-In.
