Last time its was Target now it is the turn of the United States grocery giants Albertsons and SUPERVALU. AB Acquisitions LLC, the company that operates the Albertsons grocery store chain posted a blog post detailing the data breach on their website Thursday. SUPERVALU also follow suit.
You can imagine the scale of leak as Albertsons is the second largest grocery store chain and SUPERVALU is the third largest chain in the United States, behind the leader Kroger’s. In the blog post, Albertson said that it had “recently learned of an unlawful intrusion to obtain credit and debit card payment information in some of its stores.” SUPERVALU on its blog post claimed that the “criminal intrusion may have resulted in the theft of account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder’s name from payment cards used at some point of sale systems at some of the Company’s owned and franchised stores.”
As per the reports available, the breach which began on June 22 and lasted till 17th July, 2014 may have exposed the credit and debit card information of almost all of its customers at various grocery store locations in more than 18 states.
The blog post says that Albertsons stores in Southern California, Idaho, Montana, North Dakota, Nevada, Oregon, Washington, Wyoming and Southern Utah were affected by the breach directly. It also says that third party store customers users of ACME Markets in Pennsylvania, Maryland, Delaware and New Jersey, customers from Jewel-Osco stores in Iowa, Illinois and Indiana, Shaw’s and Star Markets stores in Maine, Massachusetts, Vermont, New Hampshire and Rhode Island may also been exposed due to the leak
On the other hand the other chain which was hacked, SUPERVALU is also facing a massive data breach. it said that 180 of its Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy supermarket and liquor store locations are impacted.
AB Acquisitions has informed the law enforcement agencies and is working with SUPERVALU to understand the severity of the leak. Reader may note that Albertsons was owned by SUPERVALU until its sale to AB Acquisitions in 2013 for $3.3 billion therefore both of them were using the same backend system to manage their customer records, which was hacked by the cyber criminals during the said period.
At present both the companies said that there is no evidence of stolen payment card information is being misused but it is usually noticed that the criminals usually offer such stolen credit cards for sale on the underground forums on the Tor anonymizer network in due time. Both companies are offering affected customers one year of free credit monitoring services.