Feeds

Supermarket loses 4.2 million credit card details

Supermarket identity sweep

Top 5 reasons to deploy VMware with Tegile

A New England-based supermarket chain has warned of an information security breach that exposed an estimated 4.2 million credit card records.

Hannaford said hackers might have accessed customer credit and debit card numbers - but not the corresponding names or addresses - after hacking into systems involving card authorisation. Details on exactly how the breach happened are unclear, but the problem is reckoned to have extended from 7 December until its discovery earlier this month.

"The stolen data was limited to credit and debit card numbers and expiration dates, and was illegally accessed from our computer systems during transmission of card authorisation," Hannaford chief exec Ron Hodge said in an open letter to customers posted on the grocer's website.

The intrusion affected all 165 Hannaford stores, 106 Sweetbay stores in Florida, and some independently-owned retailers in New England that use Hannaford's payment systems.

Hannaford apologised for the snafu and offered to help field customer concerns through its information centre at 866-591-4580. It urged customers to keep a close eye on their credit card bills in case any unauthorised transactions appear.

The supermarket chain told the Boston Globe that the breach potentially exposed 4.2 million credit and debit card numbers. About 1,800 cases of fraud have being linked to the breach, the paper adds. The US Secret Service is investigating the attack.

Hannaford Bros is based in Maine, USA, but owned by Belgium's Delhaize Group.

The Hannaford's breach is extensive, but small potatoes compared to the estimated 45.7 million accounts compromised over a period of two years as a result of a customer data breach at retailer TJX, which runs T.J. Maxx and Marshalls retail chains. A badly secured wireless network at one of TJX's stores was blamed for the breach, the worst example in an increasing long list of customer data security breaches to date. ®

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.