DTS
Company Details
Linkedin ID:
dollar-tree-stores
Website:
Employees number:
57,187
Number of followers:
252,022
NAICS:
43
Industry Type:
Homepage:
dollartree.com
IP Addresses:
99
Company ID:
DOL_9612070
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Dollar Tree Stores Vendor Cyber Rating & Cyber Score
dollartree.comDollar Tree remains committed to our original mission: giving our customers extreme value at low prices. Employing more than 150,000 associates across a network of 9,000 stores and 18 distribution centers in North America, we’re fulfilling that mission more now than ever before. We see an exciting path forward as we continue to grow and transform – and we know that this path starts with you. Join our team today and discover The Value of You!
Dollar Tree Stores A.I CyberSecurity Scoring
DTS Risk Score (AI oriented)Between 700 and 749
DTS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
DTS Global Score (TPRM)XXXX
DTS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
DTS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Dollar Tree
Ransomware
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The INC Ransomware group claimed responsibility for a data breach at Dollar Tree, alleging the theft of 1.2TB of sensitive and personal data, including passport copies, payroll forms, job letters, legal correspondence, and complaints involving sexual harassment and discrimination cases. The leaked data primarily pertains to former employees of 99 Cents Only Stores, a separate entity from which Dollar Tree acquired only real estate lease rights not its systems or data. Despite Dollar Tree’s denial of direct involvement, the ransomware group insists the breach is tied to the company. INC Ransomware, known for double-extortion tactics, has previously targeted high-profile victims like Ahold Delhaize (6TB stolen) and the UK’s NHS, demanding ransoms exceeding $5 million. The group operates with sophisticated malware, often rebranding (e.g., as *Lynx*) while maintaining aggressive extortion strategies. The breach underscores escalating cyber threats against major corporations, with employee data exposure posing reputational, legal, and operational risks. Dollar Tree’s response emphasizes the data’s origin from 99 Cents Only Stores, but the incident highlights vulnerabilities in third-party associations.
DTS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for DTS
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Dollar Tree Stores in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Dollar Tree Stores in 2026.
Incident Types DTS vs Retail Industry Avg (This Year)
No incidents recorded for Dollar Tree Stores in 2026.
Incident History — DTS (X = Date, Y = Severity)
DTS cyber incidents detection timeline including parent company and subsidiaries
DTS Company Subsidiaries
Dollar Tree remains committed to our original mission: giving our customers extreme value at low prices. Employing more than 150,000 associates across a network of 9,000 stores and 18 distribution centers in North America, we’re fulfilling that mission more now than ever before. We see an exciting path forward as we continue to grow and transform – and we know that this path starts with you. Join our team today and discover The Value of You!
Loading...
DTS Similar Companies
Nordstrom
At Nordstrom, we empower our employees to set their sights high and blaze their own trails. This is a place where your success and growth are truly a result of your own efforts and achievements. Our teams are made up of motivated people who work hard to become leaders within the company, at all
At Chewy, our mission is to be the most trusted and convenient destination for pet parents and partners, everywhere. We view pets and pet parents as family and are obsessed with meeting their needs and exceeding customer expectations through every interaction. Behind the scenes, our talented teams
There are over 128,000 of us across Australia. We’re in the biggest cities and the tiniest towns. We’re meal creators and digital developers. Number crunchers and fresh food deliverers. Yes, we all have many skills and wear many hats. But we’re all the same team, because we’re all Fresh Food People.
H-E-B
H-E-B is headquartered in San Antonio, Texas with approximately $46 billion in revenue and 160,000+ Partners. Founded in 1905, H-E-B operates more than 435 stores in a number of formats, including H-E-B, Joe V’s Smart Shop, Central Market, Mi Tienda, and Favor. There are truly aisles and aisles of
Next
At Next we never underestimate what we can do. Bring your energy, play to your strengths and never shy away from change. Push yourself and back others. Make things happen that will be bigger and better than before. Come and work for one of the UK’s biggest retailers. It is everything you could ima
Apparel Group
Apparel Group is a multi-award-winning global fashion and lifestyle retail conglomerate based in Dubai, UAE, with operations across the GCC. Today, Apparel Group caters to millions of eager shoppers through its 2,300+ retail stores and 85+ brands on all platforms while employing over 27,000 multicul
Ahold Delhaize is one of the world’s largest food retail groups, we are a leader in supermarkets and e-commerce, and a company at the forefront of sustainable retailing. Our local brands employ around 393,000 associates in around 9,400 local grocery, small format, and specialty stores. Our family
Menards
Menards home improvement stores are conveniently located throughout the Midwest in a 14-state region. From the novice do-it-yourselfer to the experienced contractor, Menards has something for everyone! As a family-owned and operated business, Menards is truly dedicated to service and quality and is
Groupement Mousquetaires
Avec près de 4000 points de vente en Europe et un chiffre d'affaires de 53,39 milliards d'euros en 2022, Le Groupement Les Mousquetaires est un acteur majeur de la grande distribution. Créé en France en 1969, le Groupement, fondé sur l'initiative privée, rassemble aujourd'hui plus de 3 000 chefs d
.png)
DTS CyberSecurity News
March 27, 2026 01:29 PM
Discount chain closes over 75 stores and raises prices
Dollar stores used to have a simple mission. Every item was sold for a dollar, which made shopping easier for customers.
March 26, 2026 10:30 PM
SouthWest Bank hosts fraud awareness event with FBI, cybersecurity experts
SouthWest Bank hosted a fraud awareness event Thursday at the Odessa Country Club, bringing together cybersecurity experts and the FBI to...
March 25, 2026 12:07 PM
Dollar Tree fixes big shopper complaint about pricing
Shopping at Dollar Tree used to be pretty predictable. You'd walk in, check out the selection, and load up your basket knowing confidently...
March 12, 2026 07:00 AM
Dollar Tree quietly adds more higher-priced items
Dollar Tree is straying even further from its core price point, and customers are starting to take notice.
February 27, 2026 08:00 AM
Dollar Tree opens stores in surprising locations
Shopping at Dollar Tree used to be a pretty predictable experience. You'd walk in, look around, and take comfort in the fact that no matter...
February 11, 2026 08:00 AM
Dollar Tree reaps the trade-down — and the upsell
An entire K-shaped economy could fit into a Dollar Tree store.
January 31, 2026 08:00 AM
Family of woman found dead in Dollar Store freezer files $50M lawsuit
The family of Helen Massiell Garay Sanchez has filed a $50 million lawsuit after her death in a Dollar Tree freezer.
January 25, 2026 08:00 AM
Dollar Tree squanders huge opportunity with customers
Shopping at Dollar Tree used to be fairly predictable. You'd walk into the store, browse the inventory, and know in your head that no matter...
January 01, 2026 08:00 AM
Dollar Tree store hours for New Year’s Day 2026
New Year's Day is often the most chill of all the major holidays. Most people have returned from their December travels and are slowly...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DTS CyberSecurity History Information
Official Website of Dollar Tree Stores
The official website of Dollar Tree Stores is http://careers.dollartree.com.
Dollar Tree Stores’s AI-Generated Cybersecurity Score
According to Rankiteo, Dollar Tree Stores’s AI-generated cybersecurity score is 734, reflecting their Moderate security posture.
How many security badges does Dollar Tree Stores’ have ?
According to Rankiteo, Dollar Tree Stores currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Dollar Tree Stores been affected by any supply chain cyber incidents ?
According to Rankiteo, Dollar Tree Stores has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Dollar Tree Stores have SOC 2 Type 1 certification ?
According to Rankiteo, Dollar Tree Stores is not certified under SOC 2 Type 1.
Does Dollar Tree Stores have SOC 2 Type 2 certification ?
According to Rankiteo, Dollar Tree Stores does not hold a SOC 2 Type 2 certification.
Does Dollar Tree Stores comply with GDPR ?
According to Rankiteo, Dollar Tree Stores is not listed as GDPR compliant.
Does Dollar Tree Stores have PCI DSS certification ?
According to Rankiteo, Dollar Tree Stores does not currently maintain PCI DSS compliance.
Does Dollar Tree Stores comply with HIPAA ?
According to Rankiteo, Dollar Tree Stores is not compliant with HIPAA regulations.
Does Dollar Tree Stores have ISO 27001 certification ?
According to Rankiteo,Dollar Tree Stores is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Dollar Tree Stores
Dollar Tree Stores operates primarily in the Retail industry.
Number of Employees at Dollar Tree Stores
Dollar Tree Stores employs approximately 57,187 people worldwide.
Subsidiaries Owned by Dollar Tree Stores
Dollar Tree Stores presently has no subsidiaries across any sectors.
Dollar Tree Stores’s LinkedIn Followers
Dollar Tree Stores’s official LinkedIn profile has approximately 252,022 followers.
NAICS Classification of Dollar Tree Stores
Dollar Tree Stores is classified under the NAICS code 43, which corresponds to Retail Trade.
Dollar Tree Stores’s Presence on Crunchbase
Yes, Dollar Tree Stores has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/dollar-tree-stores-inc.
Dollar Tree Stores’s Presence on LinkedIn
Yes, Dollar Tree Stores maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dollar-tree-stores.
Cybersecurity Incidents Involving Dollar Tree Stores
As of April 02, 2026, Rankiteo reports that Dollar Tree Stores has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Dollar Tree Stores has an estimated 15,730 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Dollar Tree Stores ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Dollar Tree Stores detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public denial of involvement; clarification that data likely originated from 99 cents only stores..
Incident Details
Can you provide details on each incident ?
Title: Dollar Tree Data Breach Claimed by INC Ransomware Group
Description: The INC Ransomware group claimed responsibility for a data breach at Dollar Tree, alleging the theft of 1.2TB of sensitive and personal data, including passport copies, payroll forms, job letters, agreements, legal correspondence, and complaints detailing sexual harassment and discrimination cases. Dollar Tree denied involvement, stating the data likely originated from 99 Cents Only Stores, from which it acquired only select real estate lease rights. The ransomware group, known for double-extortion tactics, has a history of high-profile attacks, including those on Ahold Delhaize and the UK’s NHS.
Date Publicly Disclosed: 2025-07-29
Type: Data Breach
Threat Actor: INC Ransomware (GOLD IONIC / Lynx)
Motivation: Financial GainData TheftExtortion
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach DOL3762937090425
Data Compromised: Passport copies, Payroll forms, Job letters, Agreements, Legal correspondence, Complaints (sexual harassment, discrimination)
Brand Reputation Impact: Potential reputational damage due to association with data breach claims
Identity Theft Risk: High (due to exposure of PII and sensitive documents)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Identifiable Information (Pii), Legal Documents, Employment Records, Sensitive Complaints and .
Which entities were affected by each incident ?
Incident : Data Breach DOL3762937090425
Entity Name: Dollar Tree
Entity Type: Retail Chain
Industry: Retail
Location: United States
Size: Fortune 500 (Revenue: $17.58B in FY2025)
Incident : Data Breach DOL3762937090425
Entity Name: 99 Cents Only Stores
Entity Type: Retail Chain (Defunct)
Industry: Retail
Location: United States
Customers Affected: Former employees (data allegedly sourced from this entity)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach DOL3762937090425
Communication Strategy: Public denial of involvement; clarification that data likely originated from 99 Cents Only Stores
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach DOL3762937090425
Type of Data Compromised: Personal identifiable information (pii), Legal documents, Employment records, Sensitive complaints
Sensitivity of Data: High (includes passports, legal correspondence, harassment complaints)
Data Exfiltration: 1.2TB of data allegedly stolen
File Types Exposed: PDFsDocumentsScanned Images
Personally Identifiable Information: Passport copiesPayroll detailsEmployee namesLegal case details
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach DOL3762937090425
Ransomware Strain: INC Ransomware (aka GOLD IONIC / Lynx)
Data Exfiltration: 1.2TB of data threatened for public release
References
Where can I find more information about each incident ?
Incident : Data Breach DOL3762937090425
Source: Hackread.com
URL: https://www.hackread.com/inc-ransomware-dollar-tree-data-breach/
Date Accessed: 2025-07-29
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Hackread.comUrl: https://www.hackread.com/inc-ransomware-dollar-tree-data-breach/Date Accessed: 2025-07-29.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach DOL3762937090425
Investigation Status: Ongoing; Dollar Tree denies involvement, attributes data to 99 Cents Only Stores
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public denial of involvement; clarification that data likely originated from 99 Cents Only Stores.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach DOL3762937090425
Stakeholder Advisories: Public statement denying involvement and clarifying data origin
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Public statement denying involvement and clarifying data origin.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an INC Ransomware (GOLD IONIC / Lynx).
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-07-29.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Passport copies, Payroll forms, Job letters, Agreements, Legal correspondence, Complaints (sexual harassment, discrimination) and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Job letters, Agreements, Payroll forms, Legal correspondence, Passport copies, Complaints (sexual harassment and discrimination).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Hackread.com.
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.hackread.com/inc-ransomware-dollar-tree-data-breach/ .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing; Dollar Tree denies involvement, attributes data to 99 Cents Only Stores.
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Public statement denying involvement and clarifying data origin, .
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dollar-tree-stores' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
