Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Grocery giants ALBERTSONS and SUPERVALU confirmed data breach

US Grocery giants ALBERTSONS and SUPERVALU have confirmed a data breach that could impact customers who acquired product in national stores. The Grocery giants Albertsons and SUPERVALU posted on Thursday a data breach notification related to an Incident Involving Payment Card Data Processing. Albertsons is the second largest grocery store chain in the US, meanwhile SUPERVALU is […]

Grocery giants ALBERTSONS and SUPERVALU confirmed data breach

US Grocery giants ALBERTSONS and SUPERVALU have confirmed a data breach that could impact customers who acquired product in national stores.

The Grocery giants Albertsons and SUPERVALU posted on Thursday a data breach notification related to an Incident Involving Payment Card Data Processing.

Albertsons is the second largest grocery store chain in the US, meanwhile SUPERVALU is the third one and owned/operated Albertsons and other stores until a 2013, when it was acquired by AB Acquisitions for $3.3 billion.

The data breach may have exposed the credit and debit card data of an unknown number of its customers, which have acquired products at various grocery stores in more than 18 states.

“AB Acquisition LLC, which operates Albertsons stores under Albertson’s LLC and ACME Markets, Jewel-Osco, and Shaw’s and Star Markets under New Albertson’s, Inc., recently learned of an unlawful intrusion to obtain credit and debit card payment information in some of its stores.” States the notification published on the AB Acquisitions LLC, the company that operates the Albertsons grocery store empire.

supervalu kells-01

The incident apparently occurred in June 22th and lasted until July 17th, SUPERVALU also confirmed that 180 of its Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy supermarket and liquor store locations suffered a data breach.

“We know our customers are concerned about the security of their payment card data, and we work hard to protect it,” “As soon as we were notified of the incident, we began working closely with SUPERVALU to determine what happened. It’s important to note that there is no evidence at this point that consumer data has been misused.” said Mark Bates, Senior Vice President and Chief Information Officer at AB Acquisition LLC.

In response to the incident, the company immediately reported to law enforcement the data breach and is working with staff at SUPERVALU to identifie any link between the two crimes and understand the nature and scope of the compromise.

”The appropriate federal law enforcement authorities have been notified, and AB Acquisition is working closely with its third party IT services provider, SUPERVALU, to better understand the nature and scope of the incident. Third-party data forensics experts are supporting an ongoing investigation. AB Acquisition has not determined that any cardholder data was in fact stolen, and currently it has no evidence of any misuse of any such data.” Continues the notification.

Also SUPERVALU has notifies the incident to its customers, the company claimed a “criminal intrusion may have resulted in the theft of account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder’s name from payment cards used at some point of sale systems at some of the Company’s owned and franchised stores.”

“The safety of our customers’ personal information is a top priority for us,” “The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores.” said SUPERVALU President and CEO Sam Duncan.

In time I’m writing both companies, victims of the incidents, haven’t discovered any abuses of the stolen payment card data.

Users that will notice suspicious activity on their credit or debit card can report it to law enforcement.

Stay tuned for further information of the incidents.

Pierluigi Paganini

(Security Affairs – SUPERVALU , data breach)