Data Leak Impacts More Than Two Million Individuals at Ahold Delhaize

Data Leak Impacts More Than Two Million Individuals at Ahold Delhaize

Ahold Delhaize USA Suffers Major Data Breach, Exposing Personal Information of 2.2 Million Individuals

On November 6, 2024, Ahold Delhaize USA Services detected a cybersecurity issue involving unauthorized access to some of its internal U.S. business systems, leading to a massive data breach that affected 2.24 million individuals primarily consisting of current and former employees of Ahold Delhaize’s grocery brands such as Food Lion, Giant Food, Hannaford, and Stop & Shop.

Impact of the Breach

The compromised data included a wide range of personally identifiable information (PII) and protected health information (PHI): names, contact details, dates of birth, Social Security numbers, driver’s license and passport numbers, financial account information, health and medical records, insurance info, and employment records. It is important to note that no customer credit card or direct customer payment data was impacted; the breach involved internal company and employee-related data.

The breach affected people across multiple states, with thousands impacted in Maine, Massachusetts, South Carolina, Texas, and others. Some stolen information was reportedly offered for sale on the dark web, raising risks of identity theft and fraud.

Investigation and Response Measures

Ahold Delhaize USA Services initiated an investigation immediately after discovering the breach. Independent reports strongly suggest the breach was a ransomware attack involving double extortion tactics—encrypting systems while stealing data to demand ransom, although Ahold Delhaize did not publicly confirm ransomware specifically.

Notifications to affected individuals began by mail on June 26, 2025, almost eight months after the breach was identified. The company disclosed the breach to multiple state Attorney General offices starting June 26, 2025, fulfilling legal reporting requirements. Ahold Delhaize published a Cybersecurity Issue Update and notified impacted individuals by mail.

Legal firms such as Wolf Haldenstein have launched investigations and potential class action lawsuits on behalf of affected individuals. The breach has underscored common cloud and SaaS security issues in grocery chains, including risks from untracked third-party integrations and poor visibility into data sharing, which may have contributed to the attack’s success.

Ongoing Investigations and Implications

According to Cybernews, the ransomware group INC Ransom is taking credit for the November cyberattack on Ahold Delhaize's network. The company is directly notifying affected individuals and offering complimentary credit monitoring and identity protection services for two years. The incident serves as a reminder for organisations to prioritise cybersecurity measures and maintain vigilance against potential threats.

[1] Ahold Delhaize USA (2025). Cybersecurity Issue Update. [Online] Available at: https://www.aholddelhaizeusa.com/cybersecurity-issue-update

[2] Krebs, B. (2025). Ahold Delhaize Data Breach Affects 2.2 Million People. KrebsonSecurity. [Online] Available at: https://krebsonsecurity.com/2025/06/ahold-delhaize-data-breach-affects-2-2-million-people/

[3] ZDNet (2025). Ahold Delhaize data breach: What we know so far. [Online] Available at: https://www.zdnet.com/article/ahold-delhaize-data-breach-what-we-know-so-far/

[4] Wolf Haldenstein (2025). Class Action Investigation: Ahold Delhaize Data Breach. [Online] Available at: https://www.wolfhaldenstein.com/class-action-investigations/ahold-delhaize-data-breach/

[5] ZDNet (2025). Ahold Delhaize data breach: The cloud and SaaS security lessons. [Online] Available at: https://www.zdnet.com/article/ahold-delhaize-data-breach-the-cloud-and-saas-security-lessons/

[1] In the aftermath of the cyberattack, Ahold Delhaize USA Services recognized the critical intersection of the finance, technology, and cybersecurity sectors, realizing the importance of securing sensitive data in their business operations.

[2] As the investigation into the data breach continues, law firms like Wolf Haldenstein have taken the lead in exploring potential financial consequences through class action lawsuits, demonstrating the interwoven nature of business, cybersecurity, and the legal industry in mitigating such incidents.

Read also: