Popular grocery retailer Supervalu has been hit with a data breach that could leave untold numbers of customers affected across around 200 of the company’s stores, according to the Associated Press.
Breach lasted for more than two weeks
The malicious incursion reportedly happened between June 22 and July 17. Unfortunately for the company’s many customers, the information that was targeted included a large database of patron data centering around credit card details. The company said that among the hacked data, card holder account numbers could have been exposed. Because Supervalu is the parent company to a host of different store labels, there are a number of different potentially impacted businesses, including enterprises like Shop ‘n Save, Farm Fresh, Cub Foods and Hornbacher’s. These establishments are spread out in states ranging from Illinois to Maryland.
With the breach out there in the news, Supervalu is now in the unenviable position of having to explain why it happened, why it took so long to detect and what customers can expect as far as data exposure. Of course, Supervalu is far from the first major enterprise to undergo this process of answering for a breach. In recent months, a succession of large businesses have fallen victim to similar intrusions. But far from justifying or somehow allaying the impact of Supervalu’s predicament, the fact that it follows a line of other large businesses – including Neiman Marcus, eBay and P.F. Chang’s – only suggests there’s a dearth of enterprise detection and response measures at all of these places.
Cub Foods in Minnesota appears to have been hit hardest
Of the various subsidiary enterprises impacted by the breach, Minnesota’s Cub Foods has been affected most significantly, according to the Minneapolis / St. Paul Business Journal. The reason some Supervalu stores were impacted while others weren’t is because the stores don’t all use the same point-of-sale system. In that way, at least, Supervalu can feel lucky that this spreading out of POS systems perhaps helped prevent what could have been a larger-scale incident.
Still, customers are unlikely to be pleased with the news that their data was exposed, and it’s likely that all stores under the Supervalu banner will be associated with this incursion. Like many enterprises before it, Supervalu now begins what will likely be a long road to recovery, which includes attempting to identify the vulnerability that was exploited, likely submitting to investigations and handling upset customers. Fortunately, there’s a way for other companies to avoid ever falling into this situation. The answer lies in better endpoint protection.