Hannaford Data Breach Exposes More Than 4 Million Cards
Written by Evan SchumanMarch 17th, 2008
The Hannaford supermarket chain confirmed on Monday a "data intrusion" during payment authorization transmissions that exposed some 4.2 million credit and debit cards and led to 1,800 reported cases of fraud thus far.
During the breach, "no personal information, such as names or addressed, was accessed or obtained" but the breach did expose customer credit and debit card numbers along with their expiration dates, said Hannaford CEO Ronald Hodge.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
One Comment | Read Hannaford Data Breach Exposes More Than 4 Million Cards
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.

-Christine

March 21st, 2008 at 10:19 am
This unfortunate situation seems to validate the differences between compliance with PCI standards and a truly secure payment system. The PCI DSS is an excellent place to start for anyone looking for insight into what the card brands feel are best practices related to payment system security. However, it has been and will remain my opinion that when it comes to protecting credit card information in the merchant environment, stronger measures would equate to building higher walls around the data….hackers and thieves will ultimately show up with “taller ladders”.
Had the credit card data been removed BEFORE it entered the POS and been replaced with an electronic Token, this could have all been avoided. The idea being…”They can’t steal what you don’t have”.