Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Hackers Stole 2.4 Million Card Numbers from Midwestern Grocery Chain

Schnucks Markets, a 100-store grocery chain across the Midwest, said on Monday that roughly 2.4 million payment cards used at 79 of its 100 stores may have been compromised as a result of a previously disclosed cyber attack.

Schnucks Markets, a 100-store grocery chain across the Midwest, said on Monday that roughly 2.4 million payment cards used at 79 of its 100 stores may have been compromised as a result of a previously disclosed cyber attack.

The St. Louis-based grocery chain said the breach occurred between December 2012 and March 29, 2013, and while as many as 2.4 million cards may have been compromised, the company emphasized that only the card number and expiration date were accessed – not the cardholder’s name, address or any other identifying information.

However, Schnucks did warn that scammers are taking advantage of the incident by contacting potential Schnucks-shoppers and requesting personal information such as Social Security numbers or credit card numbers under the guise of investigating the breach.

Schnucks was first tipped off about a potential breach after credit card companies informed the company that banks had detected fraud on 12 different cards that had been used at its stores.

The company subsequently hired breach investigation firm Mandiant to investigate the breach, which determined that the first indication of a cyberattack had occurred on March 28.

Schnucks has worked with its payment processor to make sure all potentially affected card numbers were sent to the credit card companies so that they may continue sending alerts to the issuing banks, the company said.

“A cyber-attack is not like a bank robbery where you know immediately when it occurred and who was affected,” the company said. “The investigation of a cyber-attack requires painstaking analysis of digital evidence that takes time in order to determine what happened.”

“Over the years, technology has helped us deliver superior customer service, but it also introduces risks that we have actively worked to manage through compliance audits, encryption technology and various other security measures,” said Scott Schnuck, Chairman and CEO, in a statement.

Schnucks did not disclose technical details on the attack and how the card numbers were obtained, but did say that it provided the Secret Service and FBI with information about the methods and tools used by the attacker(s).

In a previous statement, the company said that during its most recent annual audit in November 2012, the company was validated as PCI DSS compliant by its assessor—another reminder that compliant does not always mean secure.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Funding/M&A

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.