BUFFALO, N.Y. — Wegmans sent out an email to customers this week to alert them of a data breach.
The email states that Wegmans recently became aware of two cloud databases that were inadvertently left open to potential outside access. The information stored on these databases included customer names, addresses, phone numbers, birth dates, Shoppers Club numbers, as well as email addresses and passwords for access to Wegmans.com accounts.
Wegmans says actual passwords for wegmans.com were "hashed and salted," meaning the characters were not contained in the databases.
They say social security numbers and payment information was not impacted.
Wegmans says they are looking into how this data breach happened and have since corrected their configurations and secured the affected information.
"When we discovered the issue, we worked with leading outside experts to investigate the matter. We have since corrected configurations and secured all affected information. We have also taken steps to avoid the occurrence of similar issues in the future," said Wegmans in their statement to customers.
Wegmans says customers can change their passwords if they wish, even though passwords were protected.
New York State residents can get more information on preventing identity theft by contacting the New York Department of State Division of Consumer Protection website at: www.ny.gov/agencies/division-consumer-protection or calling 1-800-697-1220. You can also find more information at the New York State Attorney General www.ag.ny.gov/home.html or calling their office at: 1-800-771-7755.