![Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers [USA, Global Retailer]](https://sumtrix.com/wp-content/uploads/2025/06/30-14.jpg "Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers [USA, Global Retailer]")
Global retail giant Ahold Delhaize has confirmed a significant data breach, impacting the personal information of over 2.2 million individuals, primarily current and former employees, in the United States. The breach, believed to be a ransomware attack that occurred in November 2024, has exposed a wide array of sensitive data, raising serious concerns about identity theft and financial fraud.
Ahold Delhaize, the parent company of popular U.S. supermarket chains like Food Lion, Stop & Shop, Giant Food, and Hannaford, recently filed notifications with various state Attorney General offices, including Maine, revealing the extensive scope of the compromise. While initially disclosing limited details, the full extent of the breach has now come to light after months of investigation.
The compromised data varies by individual but can include full names, contact information (postal address, email address, and telephone number), dates of birth, government-issued identification numbers (such as Social Security, passport, and driver’s license numbers), financial account information (including bank account numbers), health information (like workers’ compensation and medical records contained in employment files), and other employment-related details.
The attack, widely attributed to the INC ransomware group, first gained unauthorized access to Ahold Delhaize’s internal U.S. business systems between November 5 and 6, 2024. While the company stated there’s no indication customer payment or pharmacy systems were compromised, the focus appears to have been on employee records. The breach caused initial disruptions to some online ordering services and pharmacy operations at the time of the attack.
In response to the incident, Ahold Delhaize has stated it immediately engaged external cybersecurity experts and notified law enforcement. The company is now in the process of notifying all affected individuals and is offering two years of complimentary credit monitoring and identity protection services through Experian. Affected individuals are strongly advised to monitor their financial accounts and credit reports for any suspicious activity and consider placing fraud alerts or credit freezes with major credit bureaus.
This incident serves as a stark reminder of the escalating threat of cyberattacks against major corporations, particularly those in the retail sector that manage vast amounts of sensitive personal data. As investigations continue, Ahold Delhaize has reiterated its commitment to strengthening its cybersecurity infrastructure to prevent future breaches.
