Malware used in Hannaford card data theft

Malware used in Hannaford card data theft

A security breach at US grocer Hannaford Bros that compromised around 4.2 million credit and debit card accounts was caused by fraudsters installing malware on servers at all of the retailer's 300 stores.

The Maine-based retailer, which reported the data breach earlier this month, says all customers who used their debit or credit card between 7 December 2007 and 10 March 2008 could be at risk.

In a letter to customers on the company's Web site, Ronald Hodge, president and CEO, Hannaford, says "a novel and sophisticated attack" on the computer network "resulted in the theft of certain credit and debit card numbers".

The security breach was discovered on 27 February after the retailer was informed of unusual card activity by Visa. The grocer says it called in security experts to investigate and informed Massachusetts regulators about the incident.

Hannaford says personal information such as names and addresses were not stolen because it does not store customer data.

But according to press reports the breach was caused by malware that was secretly installed on servers at all of Hannaford's 300 stores. The software intercepted customers' card data during the card verification transmission process at the checkout. It is thought the data was then transmitted to an Internet service provider somewhere outside the US.

Reports suggest that there have already been around 1800 cases of alleged credit card fraud resulted from the breach.

News of the Hannaford hacking comes just over a year after US retailer TJX reported a security breach that resulted in the theft of millions of credit card numbers.

Hackers placed unauthorised software on TJX's computer network and stole at least 100 files containing data on millions of accounts from systems in Framingham, Massachusetts and Watford, UK.

Comments: (0)