In the modern technological era, data breaches have become a common occurrence that threatens the security and privacy of individuals and organizations alike. Walmart, one of the largest retail corporations in the world, has been no exception to this trend.
Over the years, Walmart has experienced several high-profile data breaches, resulting in the exposure of sensitive data belonging to millions of its customers and employees.
To prevent such data breaches from occurring in the future, Walmart has since taken numerous steps to enhance the security measures of its network.
The company has invested in new technologies, such as machine learning algorithms and advanced analytics tools, to detect and prevent cyber-attacks.
It has also implemented stricter access controls, requiring stronger passwords and multi-factor authentication for employees and vendors who access its systems.
Despite these efforts, Walmart continues to face threats from cyber-attacks, highlighting the ongoing challenges that companies face in protecting their data from sophisticated attackers.
The company’s experience underscores the need for all organizations, regardless of size or industry, to prioritize data security and implement robust security measures to safeguard their sensitive information from being exposed.
Below is a timeline of all Walmart data breaches.
April 2024 — Walmart Data Breach
A data breach at Merrill Lynch, the record keeper for Walmart’s 401(k) plan, exposed personal information of 1,883 participants due to an employee’s email error on April 16, 2024. The breached data included names and Social Security numbers.
Merrill Lynch notified affected individuals on May 23 and offered a two-year complimentary membership, claiming that no misuse of the exposed data had been observed.
The breach was characterized as an “isolated email error,” and the incident was discovered six days afterward, raising concerns about the vulnerabilities of third-party service providers.
Walmart’s 401(k) plan has approximately $36.7 billion in assets and serves nearly 1.95 million participants, highlighting the potential impact of such breaches on a large scale.
February 2024 — Walmart Data Breach
Walmart’s Spark Driver portal suffered a cyberattack, exposing sensitive data of drivers, including Social Security numbers and driver’s license details.
The breach occurred between December 2023 and February 2024. Attackers had unauthorized access for approximately two months.
Drivers like Sherry Medellin found evidence of deliveries made under their accounts without their knowledge.
Incidents have been reported in Facebook groups where drivers’ account locations were changed.
The compromised accounts are reportedly being used to deliver orders, affecting drivers’ earnings and raising identity theft concerns.
Attackers accessed sensitive data from over 200 driver accounts. The breach occurred due to credential stuffing or phishing.
October 2023 — Walmart Data Breach
On October 4, 2023, retail giant Walmart, Inc. filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR).
This filing indicates that an unauthorized party gained access to the information of over 85,000 individuals entrusted to the company. While the specific data types compromised remain unclear at this time, the incident likely involved protected health information (PHI).
If you have concerns about the Walmart data breach and its potential impact on you, consider consulting with a data breach lawyer.
January 2021 — Walmart Data Breach
Customer data on the Walmart Canada website was accessible to unauthorized persons due to a security flaw that was reported in January 2021.
An individual discovered a vulnerability in the order lookup section of the website, which enabled the viewing of customer details such as names, addresses, order dates, order contents, payment methods, and the last four digits of credit cards.
Initially, a customer tried to notify Walmart Canada of the defect but was unable to get in touch with them. Subsequently, the customer contacted a nearby news outlet, which verified the problem and ultimately managed to get in touch with Walmart after confirming the customer’s claim.
Walmart Canada quickly set up a redirection to another page, presumably to investigate a solution, after identifying the same vulnerability on a related page.
However, it is uncertain if any customer data was obtained by malicious individuals or how many customers may have been exposed to the issue.
March 2019 — Walmart Data Breach
In March 2019, reports surfaced that an investigation was underway regarding the unauthorized access of internal Walmart emails by workers of a third-party vendor of Walmart.
The vendor in question was Compucom, a technology contractor that was purchased by Office Depot in 2017.
The FBI included the names of Compucom staff in a search warrant, alleging that they had examined Walmart’s internal communications to gain an advantage over rivals while submitting contract proposals.
It has been reported that the act of snooping through emails started in late 2015 and lasted until early 2016. It is alleged that an employee of Compucom shared information found in Walmart company emails using his personal email account.
An employee from Compucom stumbled upon the activity after taking a photo of an internal message from Walmart that discussed disciplinary action.
The employee then sent the photo to a Walmart colleague, but it was accidentally forwarded to another Walmart employee’s daughter, who then reported the incident.
March 2018 — Walmart Data Breach
Data on 1.3 million customers of Limoges Jewelry, a Walmart Partner operated by MBM Company, was exposed after an Amazon S3 bucket was made publicly accessible by the company.
Initially, a cybersecurity firm suspected that the data leak involved Walmart-managed data, but it was later discovered that the responsibility lay with MBM Company.
A considerable quantity of personally identifiable information (PII) of customers was present in the database, comprising names, addresses, phone numbers, emails, and unencrypted passwords.
The records pertained to over 1.3 million customers from the United States and Canada who shopped at Walmart and other prominent retailers like Amazon and Target.
The data being studied by researchers was believed to be a potential primary customer database for MBM Company, with some records dating back to 2000 and others as recent as early 2018.
July 2015 — Walmart Data Breach
Walmart Canada and CVS announced in July 2015 that millions of customers may have had their credit card information compromised due to a potential data breach involving a Canadian third-party tech vendor associated with the photo processing section of their websites.
Staples-owned PNI Digital Media, responsible for hosting the photo processing sites and gathering customer payment information, was the third party mentioned. As a result, the retailers decided to deactivate the photo-processing features of their sites and mobile apps.
October 2009 — Walmart Data Breach
In 2009, it was reported that Walmart’s point-of-sale system source code had been hacked. The hack is said to have taken place in 2005 and 2006, during which time the hackers targeted the development team responsible for creating the point-of-sale system.
The source code, as well as other confidential information, was sent to a computer located in Belarus.
Before news of the breach became public, Walmart was already aware of it and regarded it as an internal matter since it did not involve any sensitive customer data.
In 2006, Walmart took action to address the problem, including notifying federal law enforcement, which was already investigating other similar breaches that occurred during the same period.
After experiencing a server crash, Walmart detected a breach in its system. During their investigation of the server, they discovered a password-cracking tool, which was the cause of the crash.
Further analysis revealed that the tool had been installed by a hacker who had gained remote access to the system through a VPN account linked to a former Walmart employee. The account had not been adequately closed after the employee’s departure from the company.
Following the deactivation of the initial VPN account, the hacker endeavored to gain access through a secondary VPN account that belonged to another staff member. After the second VPN was terminated, the hacker made a third attempt using a different account.
The inquiry uncovered evidence suggesting that the hacker may have targeted over 800 devices since June 2005.
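The pattern described above (a VPN account left active after its owner departed, then the same intruder moving to other accounts once the first was disabled) can be checked for in VPN authentication logs. The following is an added example, not part of the original article or any Walmart tooling; the log format, usernames, dates, and IP addresses are constructed for illustration.

```python
from datetime import datetime

# Constructed sample data: HR offboarding dates and VPN authentication log lines.
OFFBOARDED = {"jdoe": "2005-05-31"}
VPN_LOG = """\
2005-06-02T01:14:09Z user=jdoe src=203.0.113.7 result=success
2005-06-02T09:02:41Z user=asmith src=198.51.100.20 result=success
2005-06-10T02:40:12Z user=jdoe src=203.0.113.7 result=denied
2005-06-10T02:43:55Z user=asmith src=203.0.113.7 result=success
2005-06-11T03:05:30Z user=bwong src=203.0.113.7 result=success
"""

def parse(line):
    """Split 'timestamp key=value ...' into a dict with a parsed 'ts'."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return rec

def find_alerts(log_text, offboarded):
    """Return (rule, user, src, result) tuples for two conditions:
    offboarded_account: any login attempt after the owner's departure date;
    account_pivot: a new account appearing from a source IP that was
    already seen using an offboarded account."""
    alerts = []
    users_by_src = {}    # source IP -> accounts seen from it
    flagged_src = set()  # source IPs that used an offboarded account
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse(line)
        user, src = rec["user"], rec["src"]
        end = offboarded.get(user)
        # Denied attempts are reported too: they show continued probing.
        if end and rec["ts"] > datetime.strptime(end, "%Y-%m-%d"):
            alerts.append(("offboarded_account", user, src, rec["result"]))
            flagged_src.add(src)
        seen = users_by_src.setdefault(src, set())
        if seen and user not in seen and src in flagged_src:
            alerts.append(("account_pivot", user, src, rec["result"]))
        seen.add(user)
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(VPN_LOG, OFFBOARDED):
        print(alert)
```
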