The U.S., Russia, and Canada accounted for most of the vulnerable Exim servers, which are on versions 4.97.1 or earlier, according to a report from Censys.
Nearly $15 million of the received payment, which was also confirmed by another source close to the matter, has been reallocated to over 20 addresses across five global exchanges.
While RansomHub admitted to having compromised Rite Aid customers' ID numbers and rewards numbers, Rite Aid emphasized that none of its clients' health information, financial details, and Social Security numbers have been exposed.