Hannaford Bros. supermarket chain announced Monday a security breach that led to thefts of customer credit and debit card numbers.
Hannaford says the security breach affects all of its 165 stores in the Northeast, 106 Sweetbay stores in Florida and a smaller number of independent groceries that sell Hannaford products. The company puts the number of unique credit and debit card numbers that were potentially exposed to fraud at 4.2 million.
The company is currently aware of about 1,800 cases of reported fraud related to the security breach.
The Massachusetts Bankers Association said one-third of its 200 member banks have been contacted by Visa and MasterCard about the problem.
Ronald Hodge, Hannaford president and chief executive officer, said the company has "taken aggressive steps to augment our network security capabilities" since unusual credit card activity came to light on Feb. 27.
The Maine-based company said credit and debit card numbers were stolen during the card authorization transmission process, but no personal information was divulged.
SCARBOROUGH, Me. -- Delhaize-owned Hannaford Bros. Co. plans to install a new network security solution to perform network scanning in compliance with the Payment Card Industry (PCI) Data Security Standard.
The retailer will deploy the NeXpose solution from Boston, Mass.-based Rapid7, to scan devices in Hannaford's networks and at point-of-sale in its 158 retail supermarkets and food and drug stores, ensuring the protection of customers' credit card data and other information throughout the enterprise.
"NeXpose is extremely thorough in its compliance checking against devices," said David Fournier, senior information security analyst, Hannaford Bros. Co. "NeXpose also demonstrated it enables integration with other technologies. We can easily integrate it with the Peregrine Service Center, the software we use for call-ticketing and incident-handling."
Rapid7 is a MasterCard-approved security-scanning vendor as part of the MasterCard Site Data Protection (SDP) Program. NeXpose PCI Compliance provides scan templates and reporting capabilities that meet or exceed the MasterCard SDP specifications for system security scanning. The PCI Standard compliance report presents pass/fail information at both executive and administrator detail levels. A complete remediation plan is generated that enables security analysts to bring their system devices into full compliance with the PCI Standard.
Hannaford Bros. Co. operates 158 supermarkets and food and drug combination stores in Maine, New Hampshire, Vermont, New York, and Massachusetts, and employs more than 26,000 associates. Its stores operate under the Hannaford Supermarket and Hannaford Supermarket and Pharmacy names.