Dutch grocery conglomerate Ahold Delhaize disclosed last week that a ransomware attack on its systems in 2024 led to a data breach affecting more than 2.2 million people.
The incident first came to public attention in November 2024 when several U.S.-based pharmacies and supermarket chains owned by Ahold Delhaize began experiencing network disruptions. Those affected included Giant Food pharmacies, Hannaford supermarkets, Food Lion, The Giant Company, and Stop & Shop.
The Inc Ransom group claimed responsibility for the cyberattack in April 2025. Shortly afterward, Ahold Delhaize confirmed that the attackers likely extracted data from internal business systems.
The company has since verified that personal data was compromised and has started notifying the impacted individuals.
The stolen data includes internal employment records linked to current and former employees of Ahold Delhaize USA companies.
According to a report submitted to the Maine Attorney General’s Office, 2,242,521 individuals were affected by the breach.
The type of compromised data varies by person, but it may include names, contact details, birth dates, Social Security numbers, passport numbers, driver’s license numbers, bank account information, health data, and employment-related records.
To support those impacted, Ahold Delhaize is providing two years of free credit monitoring and identity protection services.
On a dark web leak site, the hackers published approximately 800 gigabytes of data they claim to have stolen from the company. This suggests that Ahold Delhaize did not pay the ransom. Inc Ransom alleges it took as much as six terabytes of data.
The retail sector, especially supermarkets, has become a growing target for cybercriminals in recent months.
In April, UK retailers including Co-op, Harrods, and Marks & Spencer were attacked by cyber actors believed to be linked to the Scattered Spider group.
More recently, United Natural Foods (UNFI), a major distributor for Amazon’s Whole Foods and other grocery stores in North America, experienced a cyberattack that disrupted operations and led to product shortages.
UNFI stated that there is no evidence of personal or health data being stolen. No ransomware group has claimed responsibility for the attack.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
