The INC Ransomware group has claimed responsibility for a significant data breach affecting Dollar Tree, the popular American retail chain known for its budget-friendly pricing. The group alleges that it has stolen 1.2TB of sensitive and personal data from the retailer, a claim that was highlighted on their dark web leak site earlier today. Despite being a Fortune 500 company with reported revenues of $17.58 billion in fiscal year 2025, this incident raises serious concerns about the cybersecurity measures in place at Dollar Tree.
According to reports from Hackread.com, the INC Ransomware group has indicated that the stolen data will soon be published on their blog. The data purportedly includes crucial documents such as passport copies, payroll forms, job letters, and legal correspondences, raising alarms about the serious implications for those affected.
In response to the allegations, a Dollar Tree spokesperson stated that while the ransomware group named the retail chain, the data likely originated from employees of 99 Cents Only Stores, a separate entity from which Dollar Tree only acquired select real estate leases. Dollar Tree emphatically denied any acquisition of the corporate entity, its systems, or any associated data, describing the allegations as inaccurate.
The INC Ransomware group, which has been operating since at least July 2023, is notorious for targeting various industries, primarily focusing on organizations in the United States and Europe. Their past incidents include the breach of Ahold Delhaize, resulting in the theft of 6TB of data, and a targeted attack on the UK’s National Health Service. Their modus operandi often involves double-extortion tactics, encrypting data while also threatening to leak it unless their ransom demands are met. The group has allegedly demanded ransoms exceeding $5 million in some instances, indicating the high stakes involved in these cybercrimes.
The situation surrounding the Dollar Tree breach underscores the ongoing challenges posed by ransomware attacks in today’s digital landscape. Just last week, NASCAR confirmed a data breach arising from another ransomware attack, amplifying concerns over escalating cybersecurity threats facing both private and public sectors. As more details emerge, stakeholders in the industry continue to emphasize the urgent need for robust security measures.