Supervalu Grocery Chain Latest to Suffer Data Breach

Supermarket Chain Probes Possible Data Breach
Ariana Lindquist/Bloomberg via Getty ImagesA customer shops for yogurt at a Cub Foods store owned by Supervalu in Crystal, Minn.
By MICHELLE CHAPMAN

NEW YORK -- A data breach at Supervalu may have affected as many as 200 of its grocery and liquor stores and potentially affected retail chains recently sold by the company in two dozen states.

The announcement lengthens the list of retailers that have had security walls breached in recent months, including Target, P.F. Chang's and even the thrift store operations of Goodwill Industries International.

Hackers accessed a network that processes Supervalu transactions, with account numbers, expiration dates, card holder names and other information possibly stolen, the company said. Those systems are still being used by the stores sold off by Supervalu last year for $3.3 billion, potentially opening up customer data at those stores as well.

The breach occurred between June 22 and July 17, according to Supervalu, which said it took immediate steps to secure that portion of its network.

The cards from which data may have been stolen were used at 180 Supervalu (SVU) stores and liquor stores run under the Cub Foods, Farm Fresh, Hornbacher's, Shop 'n Save and Shoppers Food & Pharmacy names. Data may also have been stolen from 29 franchised Cub Foods stores and liquor stores. Those stores in North Dakota, Minnesota, Illinois, Virginia, North Carolina, Maryland and Missouri.

But Supervalu said that a related criminal intrusion occurred at the chain stores it sold to Cerebus Capital Management in March 2013, stores that Supervalu continues to supply with information technology services.

Those stores include Albertsons, Acme, Jewel-Osco, Shaw's and Star Market -- and related Osco and Sav-on in-store pharmacies in two dozen states.

Cerebus affiliate AB Acquisition said that it's working closely with Supervalu to evaluate the scope of the potential breach.

Supervalu has yet to determine if any cardholder data was actually stolen and said Friday that there's no evidence of any customer data being misused. Information about the breach was released out of "an abundance of caution," the company said.

Intrusion Contained

The company believes that the intrusion has been contained and it said it is confident that people can safely use credit and debit cards at its stores.

Supervalu and AB Acquisitions are offering customers whose cards may have been affected a year of consumer identity protection services via AllClear ID.

Supervalu has also created a call center to help answer customer questions about the data breach and the identity protection services being offered. The call center can be reached at 855-731-6018. Customers may also visit Supervalu's website under the Consumer Security Advisory section to get more information about the data breach and the identity protection services.

There are efforts underway to make credit and debit cards more secure following a rash of security breaches in recent months.

Target (TGT) said this month that expenses tied to a data breach leading up to last year's holiday shopping season could reach as high as $148 million. The incident led to a major shakeup at the company and CEO Gregg Steinhafel resigned.

Restaurant operator P.F. Chang's confirmed in June that data from credit and debit cards used at its restaurants was stolen. There have been smaller breaches at Neiman Marcus and Michaels Stores .

Shares of Supervalu shed 17 cents to $9.42 in morning trading.


Increase your money and finance knowledge from home

How much house can I afford

Home buying 101, evaluating one of your most important financial decisions.

View Course »

Goal Setting

Want to succeed? Then you need goals!

View Course »

Add a Comment

*0 / 3000 Character Maximum

5 Comments

Filter by:
bjay0421

With all of these breaches, I can't help but wonder what will happen if hackers breach one of the businesses that offer security protection.
Think about it. In order to provide the protection, they need all of your information on their records. I've decided that I'd rather protect myself, than give them everything in one spot. That hack would be too gosh awful!
When using debit cards, protect your password. I see people openly entering their codes so often that I could write them down, if I were dishonest. When in doubt, pay with cash.

August 16 2014 at 5:17 PM Report abuse -2 rate up rate down Reply
fred

While security gets worse, the hackers get better- go figure.

August 15 2014 at 9:17 PM Report abuse -2 rate up rate down Reply
gee.effwye

Looking forward to our obamacare medical records being electronic.

August 15 2014 at 11:36 AM Report abuse -2 rate up rate down Reply
jdykbpl45

Pay cash. No chance of a data breach!

August 15 2014 at 9:21 AM Report abuse +1 rate up rate down Reply
Valerie

Note to Self: Always pay cash for purchases when shopping at retail stores.

August 15 2014 at 7:46 AM Report abuse rate up rate down Reply