Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Dollar Tree confirms significant data breach

Data Breach.

UPDATE: In a statement, a Dollar Tree spokesperson told TechRadar Pro, "Zeroed-In is a vendor that we and other companies use. They informed us that they identified a security incident, and they provided notice of the incident to current and former employees." 

Retail giant Dollar Tree has become the latest victim in a long list of supply-chain attacks.

In a data breach notification filed with the Maine Attorney General, the company’s service provider Zeroed-In Technologies was breached, and sensitive data from its client stolen over August 7 and 8 2023. 

Potential for class-action lawsuits

So far, it was confirmed that at least some of the data belonged to the employees of Dollar Tree and Family Dollar.

"While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor," the company said in a letter sent to the victims, BleepingComputer reports. 

"Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates."

Besides notifying the victims, Zeroed-In enrolled them in a year-long identity protection and credit monitoring service.

The media are also reporting that different law firms started investigating the breach to see if there is any potential for a class-action lawsuit against Zeroed-In.

Console & Associates, for example, set up a dedicated landing page saying “Our data breach lawyers are eager to speak to victims of the ZeroedIn Technologies data breach to determine what damages they sustained and what compensation may be available to them.”

The company is currently silent on the matter, as there is nothing on its newsroom site or Twitter. The type of attack that Zeroed-In suffered remains a mystery. We don’t know if it was infostealing malware, or if the company suffered a ransomware attack.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.