Serious card fraud revealed at major US supermarket chain

Cyber-Ark says it could have been prevented

(07.04.08) - A potentially major security breach has resulted in around 4.2 million credit and debit cardholders details being revealed in the US, with 1,800 fraud cases resulting so far, says Cyber-Ark, the digital vault security experts.

"The case is interesting, as it appears that the card numbers were stolen during the card authorization process," said Calum Macleod, Cyber-Ark's European director. "The security breach is reported to have affected more than 270 stores in the Hannaford chain across the US, as well as a number of independent stores that sell Hannaford products," he added.

According to Macleod, the company is reported to be aware of around 1,800 cases of card fraud as a direct result of the breach, but, he said, there are almost certainly more in the pipeline.

"This security breach is building into a potentially major one, especially since the system incursion appears to have taken place last December. The big question, of course, is why it took until late February before the supermarket chain became aware of the hack," he said.

"The company claims is taking `aggressive steps' to enhance its security systems, but that's small comfort for the 4.2 million people that used their cards at the store chain last year. The sad thing is that, with a little forethought and control, the expensive and inconvenient fallout from the security breach could have been avoided," he added.

For more on the Hannaford card security breach: http://tinyurl.com/2bmsnp. (Cyber-Ark: ra)