Over 95,000 Mainers Affected by Hannaford Cybersecurity Breach

Maine, USA – More than 95,000 residents are among the 2.2 million individuals affected by a significant cybersecurity breach involving Ahold Delhaize USA, the parent company of Hannaford Supermarkets. The breach, which took place in November 2024, allowed unauthorized access to sensitive information from the company’s IT systems.

On Thursday, Ahold Delhaize notified affected customers and employees about the extent of the breach, detailing the types of personal information compromised. This includes names, home and email addresses, Social Security and driver’s license numbers, bank account numbers, and workers’ compensation information. Ahold Delhaize stated in the notice that the types of impacted information may vary by individual.

Although initial communications from Hannaford raised concerns about their IT security, the specifics of the breach were not revealed until recently. Ahold Delhaize is offering two years of free credit monitoring and identity protection services to those affected, urging them to regularly check their account statements and credit reports for any suspicious activity.

This incident contributes to a troubling trend in Maine, which has faced several large-scale cybersecurity breaches this year, including attacks targeting software used by state schools and health care facilities. According to the FBI’s Internet Crime Report, Maine ranked 46th in the nation for cybercrime complaints, with more than 2,100 cases filed in 2024.

With online shopping on the rise, cybersecurity experts warn that grocery retailers like Hannaford are becoming more attractive targets for hackers. The breach highlights ongoing vulnerabilities that accompany the increasing digitization of personal information.

As the investigation continues, Ahold Delhaize confirmed that customer payment and pharmacy systems were not compromised, directing their focus on employee data instead. The company has established a help desk to assist affected individuals with questions regarding the breach and its potential impacts.