Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

SuperValu grocery chain reports June/July payment card data breach

Reprints
SuperValu grocery chain reports June/July payment card data breach

Supermarket wholesaler and retailer SuperValu Inc. has reported that credit card data may have been stolen from 180 of its stores over a more than three-week period beginning in June, although there is no evidence to date that any of the data has been misused.

Eden Prairie, Minnesota-based SuperValu said Friday it believes the payment cards from which cardholder data may have been stolen were used during the period of from June 22 at the earliest, through July 17 at the latest, at 180 SuperValu stores and stand-alone liquor stores that operate under the Cub Foods, Farm Fresh, Hornbacher's, Shop 'n Save and Shoppers Brand & Pharmacy banners. The affected stores were in Illinois, Maryland, Missouri, Minnesota, North Dakota and Virginia.

The data may also have been stolen from some cards during this period at 29 franchised Cub Foods stores and standalone liquor stores, the company said in its statement.

The company said the criminal intrusion into a portion of its computer network that processes payments and transactions may have resulted in the theft of account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder's name, from payment cards used at point of sale systems.

SuperValu said, however, it has not determined that any cardholder data was in fact stolen by the intruder, and it has no evidence of any misuse of any such data. It said it is making the announcement of the possibility of misuse “out of an abundance of caution.”

The company said it took immediate steps to secure the affected part of its network upon recognizing of the intrusion, and that there is an ongoing investigation by third-party data forensics experts regarding the nature and scope of the incident.

“SuperValu believes the intrusion has been contained and is confident that its customers can safely use their credit and debit card in its stores,” the company said in its statement.

“The safety of our customers' personal information is a top priority for us,” said President and CEO Sam Duncan, in a statement. “The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores.”

The company said federal law enforcement authorities have been notified, and it is cooperating in their efforts to investigate the intrusion and identify those responsible.

SuperValu is offering customers whose payment card may have been affected two months of complimentary consumer identity protection services, the company said.

A spokesman did not immediately respond to a query about its insurance coverage.

Minneapolis-based Target Corp. has had gross expenses of $235 million in connection with its data breach last year, for which it has received $90 million in payments from its insurers.

Read Next