Retail giant Ahold Delhaize USA has confirmed that a cyberattack last November exposed the personal data of approximately 2.2 million current and former employees, their dependents, and beneficiaries. The breach, attributed to the INC Ransom ransomware group, compromised a significant trove of sensitive information, including names, contact details, dates of birth, government-issued identification numbers (such as Social Security, passport, and driver’s license numbers), financial account information, health data, and employment-related details.
The attack, which Ahold Delhaize USA detected on November 6, 2024, involved unauthorized access to internal U.S. business systems, with data exfiltration occurring between November 5 and 6, 2024. While the company quickly moved to contain the issue and restore affected systems, including those impacting online orders and pharmacy operations at brands like Stop & Shop, Hannaford, Food Lion, and Giant Food, the full extent of the data compromise has only recently been disclosed.
In April 2025, the INC Ransom group publicly claimed responsibility for the breach, listing Ahold Delhaize on its data leak site and threatening to release stolen data. The group claimed to have exfiltrated 6 terabytes of data, though Ahold Delhaize has not confirmed this specific volume.
Ahold Delhaize USA has stated that its investigation found no indication that customer payment or pharmacy systems were compromised, nor were customer credit card numbers identified in the affected files. However, the depth of the personal information exposed for current and former employees raises significant concerns about potential identity theft, financial fraud, and targeted phishing attempts.
In response, Ahold Delhaize USA is directly notifying affected individuals via written letters and offering two years of complimentary credit monitoring and identity protection services through Experian. The company emphasizes its commitment to enhancing its security measures and is working with external cybersecurity experts and law enforcement to address the incident. This breach serves as another stark reminder of the escalating cyber threats faced by major corporations and the critical importance of robust cybersecurity defenses to protect sensitive personal data
