Wegmans warns 3.2M customers’ data was vulnerable due to security issue

ROCHESTER, N.Y. (WHEC) — Wegmans Wednesday alerted customers about a security incident that left about 3.2 million customers’ information vulnerable to potential outside access.

In an email sent to customers, Wegmans said two of its cloud databases were “inadvertently left open to potential outside access” due to a "previously undiscovered configuration issue". Wegmans said the issue was brought to its attention on about April 19, 2021.

Those databases contained information including the names, addresses, phone numbers, birth dates, Shoppers Club numbers, as well as e-mail addresses and passwords for access to Wegmans.com.

However, Wegmans said the actual characters of the passwords were not contained in the databases.

The company is still suggesting that customers change their Wegmans.com password, as well as any other account that may use the same password.

Wegmans said no card information or banking information was involved, nor were Social Security numbers, as Wegmans does not collect them.

Wegmans said it has since corrected configurations and secured all of the affected information, and took steps to avoid similar issues in the future.

Wegmans says customers with questions can call 1-855-535-1851.

Click here for information about identity theft from the Federal Trade Commission, click here for New York State’s Division of Consumer Protection or click here for the New York Attorney General’s Office.

News10NBC Consumer Investigative Reporter Deanna Dewberry has done several investigations into how to tell if your email or passwords have been compromised. Click here for more resources.