Update: New retail data breach may have affected millions of Hannaford shoppers
Grocery chain acknowledges intrusions into its systems, says payment card data stolen
Computerworld - Hannaford Bros. Co., a Maine-based supermarket chain, today disclosed that it had been hit by intrusions into its computer network — a data breach that may force banks in the Northeast and Florida to block and reissue hundreds of thousands, or even millions, of credit and debit cards.
In one of the first official confirmations of something that has been rumored for the past few days, the Massachusetts Bankers Association (MBA) today issued a statement warning consumers about a large retail data security breach that occurred between Dec. 7 and March 10.
The MBA said that nearly 70 of its member banks have been contacted about the breach by MasterCard and Visa. The group added that although the credit card companies didn't disclose the name of the involved merchant, they described it as a "major retailer."
Hannaford later posted an advisory signed by President and CEO Ronald Hodge on its Web site, saying that the grocer had contained the intrusions after being "made aware of suspicious credit card activity" on Feb. 27. Hodge said in the advisory that credit and debit card numbers and expiration dates were stolen from Hannaford's systems during the transmission of data for transaction authorization purposes.
But he added that no names, addresses or other identifying information was taken. He also wrote that the company "doesn't collect, know or keep any personally identifiable customer information from transactions."
According to Hannaford, the breach affected customers at the company's supermarkets in New England and New York, as well as at its Sweetbay stores in Florida. Transactions conducted at some independently owned retail stores in the Northeast that carry Hannaford products were also affected, the company said.
In the message from Hodge, Hannaford didn't mention the number of payment cards that were compromised. But citing company officials, the Associated Press reported that as many as 4.2 million credit and debit card numbers may have been taken, and that about 1,800 cases of fraud have been reported as a result of the breach thus far.
Hannaford said customers who have used their credit or debit cards to make purchases at its stores over the past three months should notify their card issuer or bank, and check their card statements for any potentially fraudulent transactions. "We sincerely regret this intrusion into our systems, which we believe are among the strongest in the industry," Hodge wrote in the advisory.
The company defended its security measures, saying in a "customer Q&A" document that they meet and in many cases "go above and beyond" industry standards. But Hannaford added that it is "committed to taking whatever steps may be necessary" to beef up its IT defenses to prevent similar incidents in the future.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts