Supervalu, a grocery chain comprising 3,000-plus stores, began notifying customers yesterday that hackers may have obtained their payment card account numbers and expiration dates, as well as their names, through point-of-sale systems at 180 Supervalu stores and 29 stand-alone liquor stores. The breach occurred between June 22 and July 17. An ongoing investigation by a third-party forensics firm is still assessing its scope.
The breaches occurred at stores operated under Supervalu’s Cub Foods, Farm Fresh, Hornbacher’s, Shop ‘n Save, and Shoppers Food & Pharmacy banners. Upon learning of the breach, the company notified federal law enforcement authorities and the major payment card companies.
To date, Supervalu and its investigators have uncovered no evidence that any cardholder data was stolen by hackers, nor have they discovered any misuse of such data. The chain believes the breach has been contained and is telling customers they can safely use their credit and debit cards in Supervalu stores. A call center has been set up by the company to address customer concerns about the breach and it is offering 12 months of free identity protection services to customers who may have been affected.
“The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data,” said President and CEO Sam Duncan in a press release revealing the breach.
By contrast, the Target holiday data breach that may have affected more than 100 million consumers was discovered by federal agents, who notified the retailer.
