Major Grocery Chain Ahold Delhaize Hit by Ransomware, Confirms Data Theft in the U.S.

Overview of the Incident

Ahold Delhaize, a leading food retailer, has officially confirmed a security breach that resulted in data theft from its U.S. business systems during a cyberattack in November 2024.

As the investigation progresses, the company has identified that specific internal files were accessed and extracted by unauthorized individuals.

About Ahold Delhaize

A multinational powerhouse in retail and wholesale, Ahold Delhaize operates almost 8,000 stores worldwide and employs over 410,000 staff, generating annual revenues around $100 billion. In the U.S., it owns well-known brands such as Food Lion, Stop & Shop, Giant Food, and Hannaford.

Details of the Cyberattack

On November 8, 2024, Ahold Delhaize reported a cyber incident, prompting the company to temporarily shut down certain IT systems to safeguard data. The disruption impacted various U.S. based services:

• Pharmacy services
• E-commerce operations

Following the breach, the INC Ransom group, well known for targeting U.S. entities, claimed responsibility and listed Ahold Delhaize on its data leak extortion site. This site included samples of documents purportedly stolen from the company.

Company’s Response and Ongoing Investigation

A spokesperson from Ahold Delhaize confirmed the data breach but has not specified whether ransomware played a part in the attack. The company is actively determining the extent of the intrusion and promises to notify affected customers if personal data is found compromised. Law enforcement agencies have also been informed and are working in conjunction with the company’s own response efforts.

Despite these challenges, Ahold Delhaize assures customers that all stores and online services are operational and secure.

Broader Impact of INC Ransom Attacks

The INC Ransom group has recently escalated its focus on U.S.-based organizations, including targeting major healthcare providers. One noteworthy attack involved the State Bar of Texas, putting the personal data of 100,000 members at risk.

Final Notes

Ahold Delhaize continues to assess the full impact of this significant security breach and remains committed to maintaining transparency with its customers and ensuring robust protective measures are in place.