Make TBO Your Home Page| Subscribe To The Paper| Advertise With Us| Contact Us| Login| Edit Profile| Register
TBO.com - Tampa Bay Online
Email
Print
Sweetbay Clients On Fraud Alert
ADVERTISEMENT
Published: March 18, 2008
Updated: 03/17/2008 11:44 pm
Related Links
TAMPA - Customers of local Sweetbay supermarkets are among the victims of a security breach that led to the theft of 4.2 million credit and debit card numbers along the East Coast, and those shoppers are being urged to closely examine their accounts for fraudulent activity.
The Hannaford Bros. supermarket chain, which operates 165 Hannaford stores in the Northeast and 106 Sweetbay stores in Florida, said Monday it has identified about 1,800 cases of fraud linked to the theft.
Steve Smith, senior vice president for merchandising in Tampa for Sweetbay, one of the larger supermarket chains in the Bay area, said he did not know how many of the fraud cases are affecting Floridians, although 1.6 million of the stolen numbers stemmed from Sweetbay stores.
The company said the data was stolen from Hannaford's computer systems during the card authorization transmission process. Hannaford was made aware of unusual activity on cards used in its stores on Feb. 27, which triggered information technology and law enforcement investigations.
Smith said it is not uncommon for it to take a week and a half to determine whether the unusual activity "is an anomaly or something real." The vulnerability was patched on March 10, and investigators learned that the thefts began on Dec. 7.
Banking and consumer advocates criticized the delay in notifying the public about the problem.
Paul Stephens, of the San Diego-based consumer advocacy organization Privacy Rights Clearinghouse, said the delay in disclosure "puts consumers in a difficult position because they have no way of knowing whether their accounts may have been impacted or not."
However, Carol Eleazer, Hannaford's vice president for marketing, said the company "moved with all deliberate speed."
"It's really only now that we have sufficient understanding of the problem to alert our customers," she said.
The Hannaford and Sweetbay officials said the company does not know who is responsible. The U.S. Secret Service, whose duties include investigating electronic crimes such as data breaches, confirmed it's investigating but declined to comment on the scope of the crime.
"We know it was a sophisticated attack on the system, but we don't have any details on the" perpetrators, Smith said. "We know it's not internal. It's an external breach."
The thefts involved all major credit card lines, Smith said.
Because major card providers have zero-liability policies, cardholders are not generally responsible for fraudulent activities on their accounts.
However, they may be inconvenienced, according to Chuck Cashman of CUNA Mutual Group, the Wisconsin-based insurer of credit unions. Vulnerable cards will have to be reissued, he said. Cards also could be instantly canceled - putting cardholders at risk of the rejection of their cards - as financial institutions obtain details of the security breach and determine their customers are holding exposed cards.
Anyone who has used a card at a Sweetbay store during the Dec. 7-March 10 period should immediately review the statement and do so online, if possible, for the latest information, data security expert Kurt Long said. The cardholder should contact the financial institution or the card company if something is suspicious.
"You should be looking now, because the bad guys are looking to spend as fast as they can," said Long, founder and chief executive of Fair Warning, a St. Petersburg-based company that protects patient and financial information in the health care industry.
Such a security breach can seriously tarnish a company's image, Long said. "This is tough stuff," he said. "You do not want this headline."
But Smith said "everything is safe" at Sweetbay stores. "This was a professional, coordinated attack that is being investigated by authorities," he said. "The hole has been patched. We have state-of-the-art systems in place and our stores are as safe as any retailer. Customers should absolutely feel safe shopping at our stores and using credit and debit cards."
The theft involved only card numbers, not other personal information such as names or addresses that could enable identity theft. No cases of identity theft have been linked to the breach.
"We have taken aggressive steps to augment our network security capabilities," Hannaford president and CEO Ronald C. Hodge said in a statement released Monday. "Hannaford doesn't collect, know or keep any personally identifiable customer information from transactions."
Information from The Associated Press was included in this report. Reporter Jerome R. Stockfisch can be reached at jstockfisch@tampatrib.com or (813) 259-8402.
Email
Print
ADVERTISEMENT
Advertisement
TBO.com - Tampa Bay Online ©2009 Media General Communications Holdings, LLC. A Media General company. Member Agreement | Privacy Statement | Work With Us
