Rite Aid (third-largest US pharmacy chain) was breached on 6 June 2024 with 2.2 million customers’ names, dates of birth, addresses, and driver’s license/government ID numbers exposed. RansomHub claimed to have stolen 10 GB of data and threatened to leak it after ransom negotiations failed. Customer purchase data from June 2017 through July 2018 was also in scope. No SSNs or financial information were compromised. Rite Aid settled a class action lawsuit for $6.8 million. Rite Aid was already in Chapter 11 bankruptcy at the time of the attack.