Mrs. Mecomber’s Scrapbook

I blogged about the grocery store, Hannaford’s, problem with security a few weeks ago. Hannaford’s is a huge grocery store chain here in the Northeast. I was affected by the data breach (as were most Northeasterners) and had to get new credit and bank cards. I am closely monitoring my statements, still.

To be more accurate, Hannaford’s security wasn’t the real issue; the finger of blame goes (once again) toward credit card companies. You can read more about it here.

But Hannaford’s is to be commended for their speedy response to this problem.

The supermarket chain Hannaford Bros. Co. has spent millions of dollars on additional security measures since last month’s revelation that hackers may have accessed up to 4.2 million credit and debit card numbers, it said yesterday.

The grocer, based in Scarborough, Maine, has stores in Massachusetts and several other states. It has started encrypting card numbers from the moment they are swiped at checkout counters. And it has tapped IBM to monitor security for its computer network around the clock.

But Hannaford’s top security executive said some other retailers are probably still vulnerable to similar attacks. “The latest threat wasn’t anticipated,” said chief information officer Bill Homa. “The bad guys are one step ahead.”

Hannaford told Massachusetts authorities it found unauthorized computer programs, called malware, on servers in more than 270 stores. When customers swiped their credit cards, the malware intercepted the data as it was transmitted from cash register to credit card processors.

The malware stored the data - card numbers and expiration dates - on store computers and later sent the information to offshore computers, where it could presumably be picked up by the thieves.

I am appalled– APPALLED– at the complete disregard bankers and companies, and the government, for that matter, have toward us and our data. It has gone too far and we really need to pressure these people to halt their data mining!