Make us your home page

Hackers steal credit card information from Sweetbay shoppers

About 4.2-million Visa, MasterCard and Discover credit and debit card numbers — 1.6-million of them used at Sweetbay Supermarkets in Florida in the past three months — were exposed to hackers who tapped into the computer network at Hannaford Brothers grocery chain in Portland, Maine.

Hannaford, which runs 160 stores in New England, also processes transactions for its 106-store corporate sibling Sweetbay, which operates on the west coast of Florida.

So far, fewer than 2,000 transactions have been identified as fraudulent. But investigators are not sharing the details, including the type of fraud.

"We're just starting our investigation," said Malcolm Wiley, spokesman for the U.S. Secret Service, which probes counterfeiting and many computer-related crimes.

The security breach exposed payment card account numbers for any transaction handled at a Sweetbay between Dec. 7, 2007, and March 10.

Sweetbay officials, in apologizing for the "intrusion," suggested Monday that customers doublecheck card or bank statements for unauthorized or unfamiliar transactions. Call the bank or card issuer, or both, if something looks suspicious.

Sweetbay does not know the names or personal identification of its customers. So it said it has no way to call anyone to ask for added personal information in connection with the case.

Visa officials declined to comment on the case except to say card holders are not liable for any loss triggered by fraud. Visa is notifying card issuers of compromised accounts and is prepared to issue thousands of new account numbers if necessary.

The hack is the latest in a growing type of organized retail theft plaguing companies that handle massive amounts of payment card data, including TJMaxx parent TJX Cos. and First Data's Western Union unit.

TJX last month paid $41-million to settle with the card companies after its security was partly blamed for a 2005 hack that exposed 46-million credit card numbers to thieves.

Hannaford learned of the hack when a card payment clearinghouse on Feb. 27 spotted an unusual number of transactions.

Quoting an unidentified source in the investigation, the Wall Street Journal online said Monday that the card numbers have turned up in transactions in Detroit, Houston, France and Brazil.

Unlike TJX, where hackers intercepted wireless signals from outside a data-processing center, Hannaford only uses encrypted wireless signals to transmit numbers inside stores. Transmissions to the computer in Maine go through telephone lines.

By March 8 the company and its computer security consultants felt confident enough in pinpointing the dates of the breach to make repairs that were completed March 10.

"We have our arms around the problem, but given our state-of-the-art system, it was a real surprise that we were under attack," said Carol Eleazer, spokeswoman for Hannaford. "This was an incredibly sophisticated scheme."

Hannaford and Sweetbay don't collect personal information on their customers. So the information compromised was limited to card numbers and expiration dates.

That's typically not enough to create a stolen identity. Thieves typically rush to use card account numbers to make purchases online or to create counterfeit cards or bogus gift cards to transform account numbers into cash. Doing so requires blank cards and machines that can read other security tracking data embedded in the cards. Retail security groups have complained that the equipment needed is readily available from online auction sites.

Mark Albright can be reached at or
(727) 893-8252.

Have you been a victim?

If you think your credit card information has been stolen as a result of shopping at Sweetbay, we'd like to hear from you. Please call Ilyce Meckler at 727-892-2296 or e-mail

What to do

If you used a credit or debit card at a Sweetbay Supermarket between Dec. 7 and March 10, do the following.

1. Double-check your card or bank statements for unfamiliar charges.

2. Call your card issuer or financial institution if you find something suspicious.

3. Do not offer personal information to anyone who calls or e-mails about the case claiming to be from Sweetbay. The grocer does not keep enough personal information to contact its customers. Customers with questions can call toll-free 1-866-591-4580.

Hackers steal credit card information from Sweetbay shoppers 03/17/08 [Last modified: Thursday, March 20, 2008 9:46am]
Photo reprints | Article reprints

© 2017 Tampa Bay Times


Join the discussion: Click to view comments, add yours

  1. Tampa man pleads guilty to forging check for fake investment

    Personal Finance

    A Tampa resident was convicted Thursday for forging a check for a fake investment. The Florida Office of Financial Regulation said that Eric Franz Peer pleaded guilty. He served 11 months in jail and will have to pay $18,000.

  2. Minority business accelerator launch by Tampa chamber to aid black, Hispanic businesses


    A "minority business accelerator" program was launched Thursday by the Greater Tampa Chamber of Commerce geared toward helping black and Hispanic business owners identify and overcome barriers to grow their companies. The accelerator, known as MBA, will provide participants with business tools to cultivate opportunities …

    Bemetra Simmons is a senior private banker at Wells Fargo, The Private Bank. She is also chair of the new minority business accelerator program for the Greater Tampa Chamber of Commerce. [Photo, LinkedIn]
  3. Terrier Tri brings unique triathlon training to South Tampa


    Over a decade ago, Robert Pennino traded late nights in the music studio for early mornings in the Terrier Tri cycle studio.

    Terrier Tri, a cycling studio in South Tampa celebrates a grand opening on June 27. Photo courtesy of Tess Hipp.
  4. New bistro hopes to serve as 'adult Chuck E. Cheese'


    YBOR CITY — Inside Cheezy's Bistro and Speakeasy, a new restaurant opening in Ybor City, customers will find a mix of family recipes, games and secrecy.

    Cheezy's Bistro and Speakeasy readies to open in Ybor City. Photo courtesy of Cheezy's Bistro and Speakeasy.
  5. Ramadan having an economic impact on local charities, businesses

    Economic Development

    TAMPA — Dodging the rain, a few families and customers gathered inside Petra Restaurant on Busch Boulevard. Around 8:30 p.m., the adham (or call to prayer) music begins, signaling Iftar, the end of the daily fast. Customers grabbed a plate to dig into the feast.

    Baha Abdullah, 35, the owner of the Sultan Market makes kataif, a common dessert that is eaten during the month long celebration of Ramadan in Tampa. [OCTAVIO JONES   |   Times]