A Maine-based supermarket chain on Monday reported a data intrusion into its computer network that has put some 4.2 million customer credit and debit card accounts at risk, according to the company and press accounts.
No personal information, such as names or addresses, was accessed, said Ronald Hodge, chief executive of Hannaford Bros. in a letter apologizing to customers. "The stolen data was limited to credit and debit card numbers and expiration dates, and was illegally accessed from our computer systems during transmission of card authorization," he said.
Hodge added that the intrusion affected customers at Hannaford stores, Sweetbay stores in Florida and certain independently owned retail locations in the Northeast that carry Hannaford products. "We sincerely regret this intrusion into our systems, which we believe, are among the strongest in the industry," he wrote.
Of the credit card accounts exposed, 1,800 cases have been reported so far, the Associated Press reported citing a Hannaford executive. The data breach began on December 7 and wasn't contained until March 10, the same executive told the AP. Hodge said Hannaford is cooperating with credit and debit card issuers to ensure affected customers are protected. The company is working with law enforcement to help identify those responsible.
The breach of 4.2 million accounts is significant, but nothing compared with the 45.7 million accounts compromised over a two-year period in a data breach of customer records at TJX Companies, the operator of T.J. Maxx and Marshalls retail chains.