The Hannaford Bros. supermarket chain said a breach of its computer system led to the theft of about 4.2 million credit and debit card numbers from its Hannaford and Sweetbay stores and other locations. Local shoppers said they were stunned yesterday by a major supermarket's announcement that 4.2 million customer credit and debit card numbers were exposed in a security breach.
Hannaford Supermarkets, which has Norwood and Marlborough outlets, disclosed yesterday that credit and debit numbers had been stolen during the card authorization process over the last four months.
"It's frightening because I just used my debit card today," said Peggy Giovane, a Marlborough resident, as she loaded groceries into her car yesterday at Hannaford on Boston Post Road. "It's disturbing, but in this day and age, there are so many breaches you just have to stay on top of your credit. You can't wait for a bank statement."
The Scarborough, Maine, company said 1,800 cases of fraud have been found so far in a breach that began Dec. 7. Hannaford learned of the breach Feb. 27 and it was contained March 10. Changes have been made to prevent further thefts, the store said.
Local shoppers said the scare underscores the importance of monitoring credit and debit purchases on a daily or weekly basis.
"If you want the convenience of a credit card, you have to know your account and check every day," said David Sonderling of Marlborough, who reviews his statement online daily and has a credit monitoring service. "There's no such thing as a 100 percent secure system."
Not all customers who described themselves as regular Hannaford shoppers said they will give the store another chance.
Marlborough resident Ken Smith said he stopped shopping at a shoe store after a security breach and he will likely not shop at Hannaford anymore.
"I didn't shop (at the shoe store) because there was fraud, and if it is here, I won't be shopping here anymore," he said.
Personal data such as names, addresses or telephone numbers were not lost in the data thefts, Hannaford said.
All of the company's 165 stores in the Northeast were affected by the breach. Hannaford, in addition to its Norwood and Marlborough outlets, has area stores in Hudson, Milford, Uxbridge and Waltham.
The Secret Service said it was contacted by Hannaford and is investigating.
"We have taken aggressive steps to augment our network security capabilities," said Hannaford's president and CEO, Ronald C. Hodge. "Hannaford doesn't collect, know or keep any personally identifiable customer information from transactions."
Bruce Spitzer, a spokesman for the Massachusetts Bankers Association, criticized the store for waiting to publicly announce itself as the source of the breach.
"We've seen too many of these retail data breaches," he said. "If you as a company are responsible for a data breach, you should take responsibility for all of the costs associated with the breach."
Several residents said yesterday they have been customers at other stores that had similar breaches.
Daniel White of Sutton said he still shops at BJ's Wholesale Club, which had its own security failure in 2004.
"I'll probably keep coming (to Hannaford) unless you find out (the breach) could have been prevented and was not," he said.
In 2007, Framingham-based TJX Cos., which operates TJ Maxx, Marshalls and other stores, was hit with what's believed to be the largest theft of credit and debit card information. Hackers stole about 45 million card numbers from TJX computers.
The Message From Hannaford CEO Ron Hodge:
Dear Customer:
Hannaford has contained a data intrusion into its computer network that resulted in the theft of customer credit and debit card numbers. No personal information, such as names or addresses, was accessed. Hannaford doesn’t collect, know or keep any personally identifiable customer information from transactions.
We sincerely regret this intrusion into our systems, which we believe, are among the strongest in the industry. The stolen data was limited to credit and debit card numbers and expiration dates, and was illegally accessed from our computer systems during transmission of card authorization.
The intrusion affected Hannaford stores, Sweetbay stores in Florida and certain independently-owned retail locations in the Northeast that carry Hannaford products.
For more than 125 years, Hannaford has been dedicated to earning customer trust, and we want to provide you with these recommended steps:
- Carefully review your financial institution and credit card statements, and immediately contact your credit card company or issuing bank with any questions or concerns about individual charges.
- For more information or with questions, please call our Customer Information Center at 866-591-4580.
Hannaford is cooperating with credit and debit card issuers to ensure those customers who may be affected by the theft are protected. We also alerted law enforcement authorities, and are working closely with them to help identify those responsible.
We realize this incident may raise concerns and questions for our customers, and we sincerely regret any inconvenience this attack on our system may cause you. As always, we appreciate you choosing to shop at Hannaford. We remain committed to providing you with the finest foods and a clean, friendly and secure shopping experience.
Sincerely,
Ronald C. Hodge
President and CEO
Hannaford |
