Wegmans hit with $400,000 data-breach penalty
Marcia Greenwood reports a follow-up to a data leak initially reported in June 2021:
Wegmans Food Markets has been hit with a $400,000 penalty for exposing the personal information of more than 3 million customers chainwide, including more than 830,000 New Yorkers, the New York State Attorney General’s Office announced Thursday.
In a statement, the office said that for years, Wegmans kept the personal information of its customers “misconfigured” in a cloud computing system with containers that were open, “making it easy for hackers and others to potentially access the information.” In addition, the company failed to maintain long-term logs of cloud assets, which made it difficult to investigate security incidents.
Read more at Democrat & Chronicle.