Make us your home page
Instagram

After data theft, Sweetbay upgrades security

Sweetbay Supermarket and its New England parent are pouring millions into "industrial strength" security after reporting a big data breach March 17.

"This has been the most challenging time in our 100-year history and certainly in my tenure here," said Ron Hodge, chief executive of Hannaford Bros., who also oversees Sweetbay for Belgian owners DelHaize Group.

The breach at 106 Sweetbay stores in Florida and 165 Hannaford Bros. stores in New England lasted from Dec. 7 through March 10.

About 4.2-million debit and credit card numbers were compromised, including 1.6-million on Florida's west coast. So far, 1,800 reports of attempted fraud were reported, but card issuers Visa and MasterCard decline to update the count.

Hodge outlined corrective action in a conference call Tuesday but declined to address the criminal investigation, who's going to pay card issuer losses, or nine privacy lawsuits filed on behalf of customers.

He said the grocer now encrypts all payment data starting at the checkout after adding firewalls, software fixes and around-the-clock monitoring. Infected servers already were replaced, but other installation will take months. The bill has not hit $10-million.

"It hurts to take out perfectly good hardware, but we're replacing the card readers at every store," said Bill Homa, Hannaford chief information officer. "At $5,000 a store, it adds up quickly."

The chain's sales have not suffered since the breach was disclosed, Hodge said.

The company learned of the breach Feb. 27 after Visa refused a string of unauthorized transactions. Hannaford assigned a team of forensic data security experts to pinpoint the leaks. A patch was installed March 10.

Card issuers, however, continue issuing new card numbers regarded as at risk or on customer request. SunTrust Banks and Achieva Federal Credit Union mailed replacement cards as recently as last week, but bankers say cases of fraud are not widespread.

"We have not reissued a card or had a case of fraud reported," said Bucky Sebastian, chief executive of the GTE Federal Credit Union in Tampa, which has 205,000 members.

"The problems were more up North."

Meanwhile, a similar hack that comprised 46,000 cards in February was reported by Okemo Mountain Resort ski area in Ludlow, Vt.

Both represent a new type of hack attack. In the few publicly disclosed breaches by retailers such as TJMaxx/Marshalls, hackers tapped a company database.

This time they installed "malware," or malicious software, in store servers that intercepted card authorization messages between the checkout and banks.

The hackers transmitted batches of stolen numbers and expiration dates to an offshore Internet Service Provider. They did not get Personal Identification Numbers, known as PINs, Homa said.

Typically, hackers sell card numbers to thieves who try to convert them to cash. So far all the fraud disclosed involved unauthorized purchases. No case of attempted identify fraud — using personal information to create a duplicate identity to open new accounts — has surfaced.

Meanwhile, class action suits seeking damages and free credit monitoring services for affected customers are moving through the court system. All nine suits, including one filed in a state court in Tampa, are being consolidated in federal court while judges decide where to hear the case.

Mark Albright can be reached at albright@sptimes.com or
(727) 893-8252.

After data theft, Sweetbay upgrades security 04/22/08 [Last modified: Thursday, April 24, 2008 10:37am]
Photo reprints | Article reprints

© 2017 Tampa Bay Times

    

Join the discussion: Click to view comments, add yours

Loading...
  1. Trigaux: Look to new Inc. 5000 rankings for Tampa Bay's future heavyweights

    Business

    There's a whole lotta fast-growing private companies here in Tampa Bay. Odds are good you have not heard of most of them.

    Yet.

    Kyle Taylor, CEO and founder of The Penny Hoarder, fills a glass for his employees this past Wednesday as the young St. Petersburg personal advice business celebrates its landing at No. 25 on the 2017 Inc. 5000 list of the fastest growing private companies in the country. Taylor, still in his 20s, wins kudos from executive editor Alexis Grant for keeping the firm's culture innovative. The business ranked No. 32 last year. [DIRK SHADD   |   Times]
  2. Ford's Garage opens new Westchase spot

    Business

    Ford's Garage opened its sixth Florida location in Westchase this week.

    hillsevbiz081817: Ford's Garage opened its sixth Florida location in Westchase this week. Photo courtesy of Ford's Garage
  3. Carls Patio celebrates great outdoor furnishings in Carrollwood

    Business

    CARROLLWOOD — While many northerners are shoveling snow, Floridians are lounging poolside in the middle of winter.

    hillsevbiz081817: After selling outdoor and patio furniture in locations in South Florida since 1993, Carls Patio has opened its first store to open in the Tampa Bay area and there are plans for more. Photo courtesy of Carls Patio.
  4. Massage therapist opens South Tampa office

    Business

    As a social worker in the early '90s, a majority of Tracy Jones' cases were people dealing with depression.

    Tracy Jones recently opened Tampa Bay Sports and Medical Massage in South Tampa. Photo courtesy of Tracy Jones.
  5. Stadium area Chick-fil-A location will open Aug. 31

    Business

    While active in the Air Force, New York City native, Carlos Brito often traveled to Tampa for work.

    Chick-fil-A Tampa Stadium celebrates its' grand opening on Aug. 31. Photo courtesy of Carlos Brito.