Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Hackers Stole 2.4 Million Card Numbers from Midwestern Grocery Chain

Schnucks Markets, a 100-store grocery chain across the Midwest, said on Monday that roughly 2.4 million payment cards used at 79 of its 100 stores may have been compromised as a result of a previously disclosed cyber attack.

Schnucks Markets, a 100-store grocery chain across the Midwest, said on Monday that roughly 2.4 million payment cards used at 79 of its 100 stores may have been compromised as a result of a previously disclosed cyber attack.

The St. Louis-based grocery chain said the breach occurred between December 2012 and March 29, 2013, and while as many as 2.4 million cards may have been compromised, the company emphasized that only the card number and expiration date were accessed – not the cardholder’s name, address or any other identifying information.

However, Schnucks did warn that scammers are taking advantage of the incident by contacting potential Schnucks-shoppers and requesting personal information such as Social Security numbers or credit card numbers under the guise of investigating the breach.

Schnucks was first tipped off about a potential breach after credit card companies informed the company that banks had detected fraud on 12 different cards that had been used at its stores.

The company subsequently hired breach investigation firm Mandiant to investigate the breach, which determined that the first indication of a cyberattack had occurred on March 28.

Schnucks has worked with its payment processor to make sure all potentially affected card numbers were sent to the credit card companies so that they may continue sending alerts to the issuing banks, the company said.

“A cyber-attack is not like a bank robbery where you know immediately when it occurred and who was affected,” the company said. “The investigation of a cyber-attack requires painstaking analysis of digital evidence that takes time in order to determine what happened.”

“Over the years, technology has helped us deliver superior customer service, but it also introduces risks that we have actively worked to manage through compliance audits, encryption technology and various other security measures,” said Scott Schnuck, Chairman and CEO, in a statement.

Advertisement. Scroll to continue reading.

Schnucks did not disclose technical details on the attack and how the card numbers were obtained, but did say that it provided the Secret Service and FBI with information about the methods and tools used by the attacker(s).

In a previous statement, the company said that during its most recent annual audit in November 2012, the company was validated as PCI DSS compliant by its assessor—another reminder that compliant does not always mean secure.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...