retail news in context, analysis with attitude

Supervalu said last week that it "experienced a criminal intrusion into the portion of its computer network that processes payment card transactions for some of its retail food stores, including some of its associated stand-alone liquor stores. This criminal intrusion may have resulted in the theft of account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder’s name, from payment cards used at some point of sale systems at some of the Company’s owned and franchised stores. "

Supervalu went on to say that it "has not determined that any such cardholder data was in fact stolen by the intruder, and it has no evidence of any misuse of any such data, but is making this announcement out of an abundance of caution."

Law enforcement agencies have been consulted and are investigating.

Supervalu said that it believes the hacking took place between June 22 and July 17 and affected stores that include those operated under the Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy banners.

In addition, some stores owned and operated by Albertson’s LLC and New Albertson’s - including Albertsons stores in Southern California, Idaho, Montana, North Dakota, Nevada, Oregon, Washington, Wyoming and Southern Utah, Acme Markets in Pennsylvania, Maryland, Delaware and New Jersey, Jewel-Osco stores in Iowa, Illinois and Indiana, and Shaw's and Star Markets stores in Maine, Massachusetts, Vermont, New Hampshire and Rhode Island - have been affected by the hacking.

Albertsons notes that these stores use Supervalu as their "third party IT services provider," though in its statement, Supervalu says that it "believes that any losses incurred by Albertson’s LLC or New Albertson’s, Inc. as a result of the intrusion affecting their stores would not be Supervalu's responsibility."

The Supervalu breach is similar to a number of other high-profile data hacking incidents that have taken place in recent months, including the Target Corp. breach that put tens of millions of payment hard numbers at risk.
KC's View:
If one of the goals of the people/countries doing the hacking is to make the American consumer paranoid, it may be working … I can't even pump gas these days without worrying about card security.