Wegmans Fined $400K Over Data Breach, Attorney General Says

BROOKLYN, NY — Cult-favorite supermarket chain Wegmans kept the personal information of over 800,000 New Yorkers' vulnerable to hackers for years amid a chain-wide data breach for which it's now being fined $400,000, New York Attorney General Letitia James said Thursday.

James said Wegmans "recklessly" handled and exposed the personal information of over three million customers — including names, drivers license numbers and email and mail addresses — by keeping the data in misconfigured cloud storage containers vulnerable to hackers for years.

"In the 21st century, there’s no excuse for companies to have poor cybersecurity systems and practices that hurt consumers," she said.

The cloud storage containers with customers' personal information (hosted by Wegmans on Microsoft Azure) were left unsecured and publicly accessible between 2018 and the spring of 2021, according to an investigation by the Attorney General's office.

On Thursday, Wegmans — which opened its first New York City outpost in the Brooklyn Navy Yard in 2019 —forked over $400,000, and agreed to upgrade its security practices, following the investigation.

Wegmans started telling customers their information was compromised in June of last year. The breach affected more than 830,000 New Yorkers, the Attorney General's office said.

The supermarket chain agreed to pay a $400,000 penalty fine over the Attorney General's findings, but said it has always taken its customers' data very seriously.

"While we do not agree with some of the conclusions drawn by the attorney general, we cooperated fully in the investigation and are glad it has been concluded," Wegmans said in a statement reported by Reuters.

Despite the investigation's conclusion that Wegmans stored data insecurely, and the grocery chain's commitment to adopt new data security measures, Wegmans maintains that consumers' personal information wasn't misused amid the breach, Reuters reported.

Wegmans is a Rochester-based grocery chain with over 100 stores across the East Coast, mostly in the mid-Atlantic.

In 2019 the supermarket opened its first-ever New York City outpost in the Brooklyn Navy Yard, much to the excitement of the chain's enthusiasts, who are colloquially known as "Wegmaniacs."