No PR purge here, says Hannaford's network security vendor

Now you see them, now you don't … now you do? Such has been the fate of press releases and testimonials touting Hannaford's use of Rapid7's flagship risk-management product since news of the beleaguered grocer's data breach broke a few days ago.

It's enough to make one wonder, especially since Rapid7 contends that Hannaford has cleared its product of any culpability in the breach. Moreover, Rapid7 can't seem to settle on a single explanation -- even with the CEO giving it his best shot -- for what it insists was not an aborted PR purge. (Much more on this below.)

Hannaford has long been a poster-child for Rapid7's product, NeXpose, with numerous mentions on the Rapid7 Web site, all of which (save one) had gone missing as of yesterday.

This morning, a company spokesman told me the Hannaford erasures were in response to a direct request from the grocery guys, although he didn't know what prompted that request.

Then early this afternoon, as though by magic, all the Hannaford stuff reappeared on the Rapid7 site … and the fun really began to pick up.

Hannaford has yet to respond to my inquiry.

Backing up a step: The virtual disappearance of Hannaford from Rapid7's site was brought to my attention by the eagle eyes over at attrition.org, who monitor and catalog data breaches, entertain the hacker world, and generally agitate.

This post at attrition.org does an excellent job of showing the extent to which Rapid7 had to go to make Hannaford disappear ... and the utter futility of the attempt.

As for that lone mention of Hannaford remaining on the Rapid7 site, it was prominently positioned at the top of the company's press page and read (since updated):

In 2006, Hannaford Bros. purchased NeXpose to bolster their network security posture. Currently, Hannaford Bros. uses NeXpose to scan their internal resources. Based on NeXpose's ability to accurately detect and help remediate vulnerabilities, Hannaford Bros. renewed their agreement with Rapid7 in March of 2008.

Rapid7 says that Hannaford's re-upping after the breach was discovered demonstrates the customer's continuing confidence in the product. Again, no word about that from Hannaford.

But is Rapid7 concerned that despite Hannaford's newly inked contract, despite its reported exoneration and because of the airbrushing of Rapid7's Web site, Rapid7 customers and prospects may still come to associate NeXpose with this mega-breach?

"The worry might be that people will get the wrong impression," a Rapid7 spokesman tells me.

Purges of this nature do tend to create impressions ... rarely good.

(Update 2:35 p.m.: Just spoke to another Rapid7 marketing guy who tells yet another completely different story. He says the Hannaford materials were taken off the Web site in response to a massive traffic spike that was hampering customer downloads. Sounds like a complete crock to me. I've got a call in to the CEO, who can hopefully straighten this out, or at least decide which story they're going to settle on.)

(Update, 3:30: Rapid7 CEO Alan Matthews tells me that the decision to remove the Hannaford materials from his company's Web site was made in tandem by his marketing and network people after news of the Hannaford data breach hit the fan. What's less clear is why they did it, and Matthews was of limited help in explaining the various discrepancies.

Regarding Explanation No. 1, namely that Hannaford requested the materials be taken down, he says: "There may have been a discussion about it (between his people and Hannaford), but I'm not sure who actually suggested it or requested it. We may have suggested that we'd done it already and they may have said that's fine."

Rapid7's spokesman was unequivocal with me this morning in saying that Hannaford requested the purge; he also provided that same answer to attrition.org in an e-mail. I'm told he's unavailable to clarify at the moment because he's on a plane -- honestly.

Regarding Explanation No. 2, namely that a network traffic spike prompted the purge, Matthews says: "When the Hannaford breach was announced, the person who normally administers our Web site thought, 'OK, we should take the press release down,' and he took it down. Because the page went 404, he decided that he would take all Hannaford stuff down. There was a lot of network traffic, although I think (the person who gave me Explanation No. 2) was kind of just making that up as to what happened."

That guy did admit to a shaky grasp of the facts.

Regarding why the Hannaford materials reappeared hours ago, Matthews says: "When I got involved yesterday afternoon I said, 'Well, there's no reason to do this; no one has actually asked us to do this. We should just put it back up the way it was.'"

Everyone clear now?

I still haven't heard back from Hannaford, obviously.)


Copyright © 2008 IDG Communications, Inc.