Giant Eagle fixes potential security flaw

COMPUTER-KEYBOARD-SCREEN-INTERNET

PITTSBURGH, Pa. (WKBN) — A former Giant Eagle employee said she received a letter from the company stating that its corporate human resources internal website could have had a security compromise.

An employee notified the company of the potential issue on May 24. The company investigated and disabled the problematic functionality on May 27, according to the letter.

The letter states that while properly logged into the employee portal, it was possible, yet difficult, to access names and Social Security numbers for Giant Eagle employees and entities for which Giant Eagle provides payroll services. It states financial and other personal information was not able to be viewed.

The company stated that there is no evidence any personal information was actually viewed by anyone since the problem was on an internal portal, but the company is offering all current and former employees a 12-month membership in Experian’s ID Alert at the company’s expense.

“The portal contained the names and Social Security numbers of current and former Team Members and the employees of some independently owned Giant Eagle locations.  We do not have any evidence that the personal information was viewed by anyone else, or that any information was compromised in any manner,” said Giant Eagle spokesman Daniel Donovan.

Donovan stressed that the company is not aware of any identity fraud, theft or other harmful activity resulting from the issue. He also noted that customers were not affected in any way.

 

 

blog comments powered by Disqus