Giant Eagle fixes potential security flaw

internet

PITTSBURGH, Pa. (WKBN) — A former Giant Eagle employee said she received a letter from the company stating that its corporate human resources internal website could have had a security compromise.

An employee notified the company of the potential issue on May 24. The company investigated and disabled the problematic functionality on May 27, according to the letter.

The letter states that while properly logged into the employee portal, it was possible, yet difficult, to access names and Social Security numbers for Giant Eagle employees and entities for which Giant Eagle provides payroll services. It states financial and other personal information was not able to be viewed.

The company stated that there is no evidence any personal information was actually viewed by anyone since the problem was on an internal portal, but the company is offering all current and former employees a 12-month membership in Experian’s ID Alert at the company’s expense.

“The portal contained the names and Social Security numbers of current and former Team Members and the employees of some independently owned Giant Eagle locations.  We do not have any evidence that the personal information was viewed by anyone else, or that any information was compromised in any manner,” said Giant Eagle spokesman Daniel Donovan.

Donovan stressed that the company is not aware of any identity fraud, theft or other harmful activity resulting from the issue. He also noted that customers were not affected in any way.

 

 

WKBN 27 First News provides commenting to allow for constructive discussion on the stories we cover. In order to comment here, you acknowledge you have read and agreed to our Terms of Service. Commenters who violate these terms, including use of vulgar language or racial slurs, will be banned. No links will be permitted. Please be respectful of the opinions of others. If you see an inappropriate comment, please flag it for our moderators to review.

blog comments powered by Disqus