TMCnet News
Supervalu reports second security breach(Supermarket News Via Acquire Media NewsEdge) For the second time in six weeks, Supervalu said it experienced a security breach in its data systems. The Minneapolis-based wholesaler said Monday it has discovered that, since an earlier incident was reported in mid-August, an intruder installed malware into the portion of its computer network that processes payment-card transactions for some of its retail customers, including Shop ‘n Save, Shoppers Food & Pharmacy and corporate-owned and franchised Cub Foods stores. The company said it believes the latest intrusion did not succeed in capturing data from any payment cards used at any stores other than possibly at four franchised Cub Foods stores in Hastings, Roseville, Shakopee and White Bear Lake, Minn., where implementation of enhanced protective technology had not yet been completed. The malware may have been successful in capturing account numbers from those four stores, in addition to expiration dates, other numerical information and/or cardholders’ names, from transactions between Aug. 27 and Sept. 21, Supervalu said — though it has made no determination that any cardholder data was stolen, it noted. The four Cub locations are offering customers who used payment cards during that period 12 months of complimentary consumer identification protection services through AllClear ID, Austin, Texas. According to Supervalu, once it recognized the intrusion, it took immediate steps to secure the affected part of its network and said it believes it has eradicated the malware. The comapny also said it believes its enhanced protective technology significantly limited the malware’s ability to capture data from payment cards where the malware was installed. The wholesaler said it has notified federal law enforcement authorities of the latest incident and is cooperating in their efforts to investigate the matter. According to Sam Duncan, president and CEO, “We care greatly about our customers, and the safety of their personal information will continue to be a top priority for us. We’ve taken measures to install enhanced protective technology that we believe significantly limited the ability of this malware to capture payment-card data, and we will continue to make these investments going forward.” The company also said it is continuing to take actions to implement further security enhancements and to improve its information security safeguards. Supervalu said it believes this second incident was a separate intrusion from the one disclosed on Aug. 14, which involved stores operated by Albertsons LLC and New Albertsons, Inc. © 2014 Penton Media |