Hannaford supermarket chain discloses data breach involving credit, debit cards

Portland, Maine-based supermarket chain Hannaford Brothers Monday disclosed it has suffered a data intrusion into its computer network that has resulted in the theft of customer credit and debit card numbers.

“The intrusion affected Hannaford stores, Sweetbay stores in Florida and certain independently-operated retail locations in the Northeast that carry Hannaford products,” stated Ronald Hodge, Hannaford’s president and CEO. Hannaford did not provide additional information except to say that it believes that “no personal information, such as names or addresses, was accessed. Hannaford doesn’t collect, know or keep any personally identifiable customer information from transactions.”

According to the statement by Hodge, the data was “illegally accessed from our computer systems during transmission of card authorization.”

Hannaford is encouraging customers to keep watch on their credit-card statements for possible fraud. “Hannaford is cooperating with credit and debit card issuers to ensure those customers who may be affected by the theft are protected,” Hodge said in the prepared remarks. “We also alerted law enforcement authorities, and are working closely with them to help identify those responsible.”

Earlier Monday, the Massachusetts Bankers Association issued a statement that Visa and MasterCard had contacted 60 to 70 banks in Massachusetts about a large data breach at a “large retailer” whose name it wouldn’t disclose.

“We have learned that 60 to 70 of our banks have received alerts from Visa and MasterCard about thousands of exposed credit and debit cards caught in a new data breach,” said Daniel Forte, president and CEO of the Massachusetts Bankers Association. The data breach is reported to have occurred between Dec. 7, 2007 and March 10, 2008. The MBA said that each bank that received an alert from the card companies will make its own decision whether or not to issue new cards or to monitor the accounts for the time being.