Supervalu becomes latest to suffer data breach (Update)

Aug 15, 2014 by Michelle Chapman
In this Jan. 9, 2012 file photo, customers exit a Shop' Save grocery store in Mount Lebanon, Pa. Supervalu said Friday, Aug. 15, 2014, that a potential data breach may have impacted about 200 of its stores and reached stores it sold off last year. The announcement is just the latest disclosure by a business that its systems have been intruded, with P.F. Chang's, Target and others among those recently revealing breaches. Within the grocery sector, chains such as Yoke's Fresh Market and Super 1 Foods were hit by a data breach between September and November 2013. (AP Photo/Gene J. Puskar, File)

A data breach at Supervalu may have impacted as many as 200 of its grocery and liquor stores and potentially affected retail chains recently sold by the company in two dozen states.

The announcement lengthens the list of retailers that have had security walls breached in recent months, including Target, P.F. Chang's and even the thrift store operations of Goodwill Industries International Inc.

Hackers accessed a network that processes Supervalu transactions, with account numbers, expiration dates, card holder names and other information possibly stolen, the company said. Those systems are still being used by the stores sold off by Supervalu last year for $3.3 billion, potentially opening up customer data at those stores as well.

The breach occurred between June 22 and July 17, according to Supervalu, which said it took immediate steps to secure that portion of its network.

The cards from which data may have been stolen were used at 180 Supervalu stores and liquor stores run under the Cub Foods, Farm Fresh, Hornbacher's, Shop 'n Save and Shoppers Food & Pharmacy names. Data may also have been stolen from 29 franchised Cub Foods stores and liquor stores. Those stores in North Dakota, Minnesota, Illinois, Virginia, North Carolina, Maryland and Missouri.

But Supervalu said that a related criminal intrusion occurred at the chain stores it sold to Cerebus Capital Management LP in March 2013, stores that Supervalu continues to supply with information technology services.

Those stores include Albertsons, Acme, Jewel-Osco, Shaw's and Star Market—and related Osco and Sav-on in-store pharmacies in two dozen states.

Cerebus affiliate AB Acquisition said that it's working closely with Supervalu to evaluate the scope of the potential breach.

Supervalu has yet to determine if any cardholder data was actually stolen and said Friday that there's no evidence of any customer data being misused. Information about the breach was released out of "an abundance of caution," the company said.

The company believes that the intrusion has been contained and it said it is confident that people can safely use credit and debit cards at its stores.

Supervalu and AB Acquisitions are offering customers whose cards may have been affected a year of consumer identity protection services via AllClear ID.

Supervalu has also created a call center to help answer customer questions about the data breach and the identity protection services being offered. The call center can be reached at (855) 731-6018. Customers may also visit Supervalu's website under the Consumer Security Advisory section to get more information about the data breach and the identity protection services.

There are efforts underway to make credit and debit cards more secure following a rash of security breaches in recent months.

Target Corp. said this month that expenses tied to a breach leading up to last year's holiday shopping season could reach as high as $148 million. The incident led to a major shakeup at the company and CEO Gregg Steinhafel resigned.

Restaurant operator P.F. Chang's confirmed in June that data from credit and debit cards used at its restaurants was stolen. There have been smaller breaches at Neiman Marcus and Michaels Stores Inc.

Shares of Supervalu shed 33 cents to $9.26 in afternoon trading.

Explore further: Goodwill, feds investigate possible data breach

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Target offers credit monitoring after data breach

Jan 24, 2014

Target Corp. is offering some of its Canadian customers a year of free credit monitoring after a massive security breach at its U.S. stores put confidential details into the hands of thieves.

Recommended for you

Prosecutors target credit card thieves overseas

Sep 12, 2014

Criminals from around the world buy and sell stolen credit card information with ease in today's digital age. But if they commit their crime entirely outside the United States, they may be hard to prosecute.

Amanda Todd suspect linked to dozens of cases

Sep 12, 2014

A prosecutor says a Dutch man suspected of possessing child pornography and blackmailing and harassing victims over the Internet with naked images of themselves may have victimized up to 40 people in the Netherlands and several ...

User comments : 0