Supermarket chain SuperValu is investigating a data breach that may have affected credit and debit cards swiped at POS systems in 209 stores between June 22 and July 17, 2014. The breach may have resulted in the theft of account numbers, expiration dates and cardholder names of customers using payment cards at the stores. The breach affects SuperValu stores operated under the Cub Foods, Farm Fresh, Hornbacher’s, Shop ‘N Save and Shoppers brands.
As part of the same breach, stores operated by AB Acquisition LLC also may have been affected. AB is the parent company of supermarket chains Albertson’s, ACME Markets, Jewel-Osco, Shaw’s and Star Markets. SuperValu provides IT services to stores under the AB Acquisition umbrella. AB Acquisition has not revealed the number of stores that could have been affected by the attack.
In the wake of the breach, SuperValu notified federal law enforcement authorities and is cooperating in the investigative efforts. AB Acquisition is working with SuperValu to better understand the nature and scope of the incident, according to a company press release.
“The safety of our customers’ personal information is a top priority for us,” said Sam Duncan, President and CEO of SuperValu. “The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores.”
It is unknown how many customers in total may have been affected by the breach.
The companies are offering 12 months of consumer identity protection services via AllClear ID to any customer whose payment cards may have been affected. SuperValu established a call center to respond to consumer concerns about both the data breach and the identity protection services being offered. The call center is staffed Monday through Saturday from 8 am to 8 pm CST and can be reached at (855) 731-6018.
The security breach is the most recent in a line of hacks the retail industry has since 2013. Target experienced a massive breach in December 2013 which compromised the credit card account information of nearly 110 million customers. Subsequently, Neiman Marcus, Michaels Stores and P.F. Chang’s also have confirmed data breaches.