Dollar Tree confirms significant data breach

News
By
published

A supply chain attack resulted in stolen Social Security Numbers

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

UPDATE: In a statement, a Dollar Tree spokesperson told TechRadar Pro, "Zeroed-In is a vendor that we and other companies use. They informed us that they identified a security incident, and they provided notice of the incident to current and former employees." 

Retail giant Dollar Tree has become the latest victim in a long list of supply-chain attacks.

In a data breach notification filed with the Maine Attorney General, the company’s service provider Zeroed-In Technologies was breached, and sensitive data from its client stolen over August 7 and 8 2023. 

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Potential for class-action lawsuits

So far, it was confirmed that at least some of the data belonged to the employees of Dollar Tree and Family Dollar.

"While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor," the company said in a letter sent to the victims, BleepingComputer reports. 

"Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates."

Besides notifying the victims, Zeroed-In enrolled them in a year-long identity protection and credit monitoring service.

The media are also reporting that different law firms started investigating the breach to see if there is any potential for a class-action lawsuit against Zeroed-In.

Console & Associates, for example, set up a dedicated landing page saying “Our data breach lawyers are eager to speak to victims of the ZeroedIn Technologies data breach to determine what damages they sustained and what compensation may be available to them.”

The company is currently silent on the matter, as there is nothing on its newsroom site or Twitter. The type of attack that Zeroed-In suffered remains a mystery. We don’t know if it was infostealing malware, or if the company suffered a ransomware attack.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Code Skull
Termite ransomware gang claims it carried out Blue Yonder attack
An abstract image of padlocks overlaying a digital background.
Thousands of Bitcoin ATM users may have personal data leaked after breach
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
A man looking at a tablet with a brown Best Buy package on the desk in front of him
Huge Christmas data breach - 14 million shipping records leaked, putting shoppers at risk
A person holding a credit card in one hand while typing on a laptop keyboard with the other.
Zagg warns customers their data may have been stolen in third-party cyberattack
A person with a laptop using a credit card online.
Avery label maker confirms attack on its site, customer credit card info stolen
Latest in Security
A TV remote pointing at YouTube logo
YouTube warns of phishing video using its CEO as bait
China
Microsoft says Chinese Silk Typhoon hackers are targeting cloud and IT apps to steal business data
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
BadBox malware hit after infecting over 500,000 Android devices
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Woman using iMessage on iPhone
Apple to take legal action against British Government over backdoor request
Latest in News
An Nvidia GeForce RTX 5080 resting on an RTX 5090 on a gray crafting mat.
Corsair tells us only one of its prebuilt PCs with an RTX 5000 GPU has suffered from chip-level fault, suggesting it’s as rare as Nvidia claimed
Fujfilm GFX 50R
First Fujifilm GFX100RF images leaked in build-up to expected reveal – here’s what they tell us about the unique premium compact camera
Samsung Galaxy Z Flip 6 in blue
The Samsung Galaxy Z Flip 7 could have a Motorola Razr-style full-sized cover screen – and I think it’s about time
Spotify logo on a mobile device
Had Spotify problems recently? It's clamped down on Premium APK 'modded' apps – here's what's happening
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
Last-minute AMD RX 9070 XT stock rumors are making me hopeful for a much better launch than Nvidia’s RTX 5000 GPUs – with just one snag
eSIM
Global eSIM shipment volume surpasses half a billion units as demand keeps on growing
More about security
A TV remote pointing at YouTube logo

YouTube warns of phishing video using its CEO as bait
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol

BadBox malware hit after infecting over 500,000 Android devices
An Nvidia GeForce RTX 5080 resting on an RTX 5090 on a gray crafting mat.

Corsair tells us only one of its prebuilt PCs with an RTX 5000 GPU has suffered from chip-level fault, suggesting it’s as rare as Nvidia claimed
See more latest
Most Popular
An Nvidia GeForce RTX 5080 resting on an RTX 5090 on a gray crafting mat.
Corsair tells us only one of its prebuilt PCs with an RTX 5000 GPU has suffered from chip-level fault, suggesting it’s as rare as Nvidia claimed
watch back to the future online
Everything new on Prime Video in March 2025
woman sit on couch near laptop take break reduce stress do yoga meditation exercise to calm down self control get rid of negative emotions, bad e-mail, difficult task, problems at work concept
IT industry workers hit badly by burnout, stress - but there's still potential for success
Spotify logo on a mobile device
Had Spotify problems recently? It's clamped down on Premium APK 'modded' apps – here's what's happening
A TV in a living room with the language settings displayed
Prime Video is testing AI dubbing to make movies and shows more accessible – and might avoid the backlash that hit Netflix
Shazam song search on an iPhone
Shazam now makes it super-easy to add identified songs to a Spotify or Apple Music playlist – here’s how it works
A TV remote pointing at YouTube logo
YouTube warns of phishing video using its CEO as bait
Owen Hendricks looks at something off camera in The Recruit season 2.
Netflix aborts mission on hit spy thriller The Recruit and I know which show to blame for its cancelation
The Nvidia and AMD logos clashing with lightning bolts around them.
Sure, Nvidia DLSS 4 is incredibly impressive - but AMD's improved upscaling tech could be a real game-changer
Fujfilm GFX 50R
First Fujifilm GFX100RF images leaked in build-up to expected reveal – here’s what they tell us about the unique premium compact camera