Supermarket Chain Becomes Latest Breach Victim

Aug. 18, 2014

Supermarket Chain Becomes Latest Breach Victim A company that runs a network of affiliated supermarkets across the country said late last week it discovered its data security system had been breached exposing the payment-card information of an unknown number of customers. AB Acquisitions operates more than 1,000 stores in 29 states including ACME, Albertsons, Amigos, Jewel-Osco, Lucky, Market Street, Shaws, Star Market, Super Saver and United Supermarkets. The company said the breach occurred on or after June 22, 2014 and ended on or before July 17, 2014. SUPERVALU, the company which used to own Albertsons and continues to provide it with IT services, said its stores were also affected by the breach. SUPERVALU brands include Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy.

While card-not-present merchants are bracing for a post-EMV world , investigative journalist Brian Krebs provided some insight on why, from a perspective of potentially experiencing a data-security breach, it’s better, at the moment, to be an online retailer:

“Credit and debit cards stolen from bricks-and-mortar stores (called ‘dumps’) usually sell for at least ten times the price of cards stolen from online merchants (referred to in the underground as ‘CVVs’ or just ‘credit cards’). As a result, dumps are highly prized by today’s cyber crooks,” Krebs wrote on Friday. “A big part of the price difference has to do with the number of steps it takes for the people buying these stolen cards (a.k.a. “carders”) to ‘cash out’ or gain value from the stolen cards.”