US supermarket chain Supervalu confirms network hit by 'criminal intrusion'
15 August 2014 | 7422 views | 0
US supermarket chain Supervalu has become the latest retailer to admit that it has been hacked and that customer card data may have been stolen.
In a statement, the company says it suffered a "criminal intrusion" into the part of its network that processes payments for some of its 3320 stores. The breach appears to have occurred between 22 June and July 17.
Account numbers, expiration dates and other numerical information and cardholder names "may" have been stolen from cards used at POS systems in some owned and franchised stores.
The breach has also affected another retailer, Albertsons, which says that some of its shoppers at some of its stores may have had their card details compromised because Supervalu provides it with third party IT services.
Supervalu says that it has taken steps to secure its network and is confident that customers can now use their cards in its stores. The firm has brought in forensics experts to investigate and notified federal law enforcement authorities.
Sam Duncan, CEO, Supervalu, says: "The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores."
US retailers have found themselves under siege from hackers in recent months, with the most notable case seeing thieves use a vendor's credentials to infect POS devices with malware and steal the details of around 40 million Target customer cards.
In response, the industry has been scrambling to catch up with Europe and roll out EMV technology. Earlier this week research from a trade body estimated that 575 million US payments cards will feature EMV chip security by the end of next year.