Security Experts:

Connect with us

Hi, what are you looking for?



New Data Breaches Hit Supervalu, Albertson’s

Supermarket chains Supervalu and Albertson’s revealed on Monday that some of their payment processing systems have once again been breached.

Supermarket chains Supervalu and Albertson’s revealed on Monday that some of their payment processing systems have once again been breached.

In a security advisory posted on its website, Supervalu said cybercriminals installed a piece of malware on a section of its computer network that handles payment card transactions for Shop’n Save, Shoppers Food & Pharmacy and Cub Foods Aestores, including some associated stand-alone liquor stores.

The incident, which took place in late August or early September, is a separate breach from the one announced by the company on August 14. The company also noted that a different piece of malware was used in the second attack.

After the first breach, the company started rolling out some enhanced security measures which are believed to have significantly limited the damage caused by the second intrusion. More precisely, the company said the malware planted in the new attack only managed to capture data from checkout lanes at four franchised Cub Foods stores in Minnesota (Hastings, Shakopee, Roseville and White Bear Lake).

“For these four stores, SUPERVALU believes that the malware may have been successful in capturing account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder’s name, from payment cards used at some checkout lanes during the period of August 27 (at the earliest) through September 21 (at the latest), 2014; however, the Company has made no determination that any cardholder data was in fact stolen by the intruder,” Supervalu said.

The four Cub Food stores are affected because Supervalu has not completed the implementation of enhanced security measures at these locations.

The company is offering complimentary identity protection services through AllClear ID for a period of 12 months to customers who paid with their credit cards at the impacted Cub Foods stores.

Albertson’s stores operated by AB Acquisition LLC are also affected by the breach since Supervalu provides IT services to the company. According to a notice posted on the Albertson’s website, the incident affects Albertson’s stores in Southern California, Idaho, Montana, North Dakota, Nevada, Oregon, Washington, Wyoming and Southern Utah; ACME Markets in Pennsylvania, Maryland, Delaware and New Jersey; Jewel-Osco stores in Iowa, Illinois and Indiana; and Shaw’s and Star Markets stores in Maine, Massachusetts, Vermont, New Hampshire and Rhode Island.

“At this time there has not been a determination that any payment card data was in fact stolen as a result of either incident. Measures have been taken to prevent further use of this new and different malware in the affected store locations. We are also implementing additional measures to enhance the protection of customer payment card data,” AB Acquisition LLC said in a statement.

The first intrusion, which started sometime in late June, is still being investigated. However, Supervalu says it still hasn’t determined that payment card data was in fact stolen by the cybercriminals.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.