Supermarket giant admits 2.2 million people could be hit by worrying data breach - what to do if you're affected

• Still no confirmation if the data breach affected customers
• Data stolen varies from person to person but generally includes sensitive PII
• INC Ransom assumed responsibility for the attack

When cybercriminals struck Ahold Delhaize in November 2024, they stole sensitive data on more than 2.2 million people, the company has revealed.

The food retail behemoth confirmed the news in a new form, recently filed with the Maine Attorney General’s Office, which did not specify if, among the stolen documents, was information belonging to its customers.

However, it did say they may have included internal employment records for both current and former employees. The combination of stolen data varies from person to person, but generally, it includes full names, postal addresses, email addresses, phone numbers, dates of birth, government-issued ID numbers, bank account numbers, health information, and other employment-related information.