We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Dollar Tree Third-Party Data Breach Impacts 2 Million People

Dollar Tree Third-Party Data Breach Impacts 2 Million People
Author Image Zane Kennedy
Zane Kennedy Published on 4th December 2023 Cybersecurity Researcher

Dollar Tree, a prominent discount retail company, has been caught in the crossfire of a significant data breach targeting its service provider, Zeroed-In Technologies. The breach, affecting nearly 2 million individuals, primarily compromises the personal information of Dollar Tree and Family Dollar employees.

The breach was first detected on August 8, 2023, when Zeroed-In noticed suspicious network system activity. An immediate investigation revealed that an unauthorized actor had accessed their systems between August 7 and 8. The depth of the breach became evident when Zeroed-In confirmed the intrusion but could not ascertain the complete extent of the data extraction.

The compromised data includes sensitive personal information like names, dates of birth, and Social Security numbers (SSNs). Zeroed-In's failure to specify the exact nature of the accessed or stolen data during the breach further complicates the situation for the affected individuals.

As per the breach notification shared with the Maine Attorney General, Zeroed-In completed a comprehensive review of the impacted systems by August 31, 2023. This review led to the identification of the affected individuals, including approximately 7,034 Maine residents.

In response to the breach, Zeroed-In has initiated multiple steps to mitigate the aftermath and prevent future incidents. These include notifying federal law enforcement, revising security policies and procedures, and implementing additional safeguards. The company is also offering a 12-month complimentary credit monitoring service through TransUnion to support the impacted individuals.

Furthermore, Zeroed-In is providing detailed guidance to the affected parties on protecting against identity theft and fraud. This includes information on placing fraud alerts, freezing credit files, contacting consumer reporting agencies, and monitoring credit reports.

The implications of this breach extend beyond the immediate data loss. Investigations by law enforcement agencies and potential legal actions, including class-action lawsuits, are underway. The breach's scale and the sensitive nature of the compromised data have drawn the attention of law firms and regulatory bodies, highlighting the critical importance of robust cybersecurity measures in protecting personal information.

This incident serves as a stark reminder of the vulnerabilities in our digital ecosystem, especially regarding third-party service providers. As we await further updates from Zeroed-In and the affected companies, the focus shifts to enhancing cybersecurity infrastructure and reinforcing data protection protocols to safeguard against such breaches in the future.

About the Author

Zane is a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provides readers with accurate and trustworthy news stories and articles. He aims to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.