Beep. Beep. Beep. That’s the sound of your groceries scanning at the supermarket. What you might not recognize is that when you go to pay for your groceries, you may be putting yourself at risk. If you live in New England or down in Florida, you need to check where you’ve been shopping. The chain Hannaford Bros. announced that it recently suffered a data breach that resulted in the theft of 4.2 million credit and debit account numbers.

The apparent cause of the problem was a system that illegally accessed the data while it was being transferred to the credit companies and banks for validation. While an encryption system had been in place before the attack, it proved to not be effective against these persistent data breaches. After finding out about the breach, Hannaford Bros. instituted stricter policies for the validation process. All systems associated with the grocery chain now have a level of encryption and security higher than the national average and stronger than required by the industry.

As investigations continue on the data breach, it appears that the breach began in late 2007, but was not discovered until recently. Company officials have not volunteered any information about why it took so long to identify the problem. Even after learning about the problem, it still took over a month before Hannaford Bros. was able to contain the breach. Within that time period, they did not alert any of their consumers which has raised questions about their handling of the situation. If individuals had known that their important data had been stolen, they could have purchased a membership for some sort of ID theft service, such as Lifelock. While investigations continue into the party, or parties, responsible for the breach, Hannaford Bros. maintains that its customers should feel safe in shopping and using credit cards at the store.

Between December 2007 and the present, there have been 1,800 cases of fraud related to the stolen credit and debit card numbers. Although the company states that no personal data was accessed during the breach, their investigation of the matter is still in progress. Customers of Hannaford Bros. would be wise to check all of their bank accounts for unauthorized withdrawals or fraudulent activity on their credit card statements for the last few months. If someone has been a victim of fraud, they should look into purchasing Lifelock, or another ID theft system. Checking your credit reports is also a suggested step in recovering from fraudulent activity.

While Hannaford Bros. attempts to win its customers back over, other companies throughout the northeast have been put on alert. The Massachusetts Bankers Association (MBA) put out a press release, letting the public know that they should be aware of the large data breach. While they did not initially recognize Hannaford Bros. as the “major retailer” in the report, the MBA was later able to verify that the grocery chain’s verification system was at the center of the problem.

Tags: data breach, fraud, Hannaford Bros., identity theft, lifelock

This entry was posted on Saturday, May 17th, 2008 at 12:01 am and is filed under Corporate Breaches. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.