Rite Aid said Thursday a data breach by an “unknown third party” accessed some customer personal information.

In a news release, Rite Aid said it was notified on May 31 by a vendor about the issue. Rite Aid said it immediately installed an update “to address the defect” in a software vulnerability.

No social security numbers nor financial information, such as credit card numbers, were compromised in the breach, which was discovered May 27.

Rite Aid performed a review and found “certain company files had been accessed by the unknown party.”

“Information contained in some of these files included a limited amount of protected health information such as: patient first and last names, dates of birth, addresses, prescription information including medication names and dates of fill, prescriber information, and in some instances, limited insurance information (plan name and cardholder ID).

Rite Aid said letters were mailed July 20 to any customers that may have a potential to be affected.

Customers can call Rite Aid’s assistance line at 866-373-9712, between 9 a.m. and 6:30 p.m., Monday through Friday. The line will be available through Oct. 19.

“We regret that this incident occurred. We immediately reported it to law enforcement as well as appropriate federal and state regulators.

“We take our obligation to safeguard personal information very seriously and are alerting consumers about this issue in case they would like to take any steps to help protect themselves. Consumers are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer-reporting agencies.”

Mark Heim is a reporter for The Alabama Media Group. Follow him on Twitter @Mark_Heim. He can be heard on “The Opening Kickoff” on WNSP-FM 105.5 FM in Mobile or on the free Sound of Mobile App from 6 to 9 a.m. daily.