Skip to main content

Hackers hit SuperValu again; this time only 4 Cub stores affected

  • Author:
  • Updated:

SuperValu says the good news about its latest data breach is that the company's new protection against malicious software worked.

The bad news is four Twin Cities-area stores hadn't finished installing it.

Eden Prairie-based SuperValu announced Monday that hackers again broke into its computer system and unleashed malware in the part of the network that processes payment cards.

The company says this latest intrusion is separate from the data breach it announced last month.

The one that occurred in June and July compromised the payment card data of customers at more than 200 stores in SuperValu's national network, the Business Journal reports.

This time, SuperValu says, new technology prevented the malware from capturing payment card data – with the possible exception of some checkout lanes at Cub Foods stores in White Bear Lake, Shakopee, Roseville and Hastings.

As the Pioneer Press reports, the company says the latest intrusion likely occurred from late August through September 21. SuperValu is offering customers who shopped at the affected stores 12 months of identity protection services through AllClear ID.

But the company sounded pleased with the protection provided by its new technology.

President and CEO Sam Duncan said in SuperValu's statement: “We’ve taken measures to install enhanced protective technology that we believe significantly limited the ability of this malware to capture payment card data, and we will continue to make these investments going forward.”

Fortune says SuperValu's stock price fell 1.8 percent on Monday and was down another 1.5 percent in after-hours trading during the evening.

Hackers using malware to gain access to the payment card information of customers have struck a number of retailers, starting with Target late last year and more recently affecting companies ranging from Home Depot to Jimmy John's.

This summer the Department of Homeland Security issued an alert to retailers about a malware known as Backoff. Security officials say businesses may have had their point-of-sale systems infected without being aware of it.

What can business owners do to protect themselves? The New York Times, Forbes, and TransFirst are among those who have offered suggestions recently.

Next Up

Stillwater Prison

Investigation after inmate found dead in cell at Stillwater prison

Drug paraphernalia was found by officers inside the cell.

2 (3)

Focus is on family fitness at this year’s Twin Cities Marathon

Don’t miss out on the running, racing and all the fun things to do for the whole family

Screen Shot 2022-08-18 at 2.29.47 PM

Family's tributes to mother killed by partner in St. Paul murder-suicide

The 30-year-old was killed by her partner, who then killed himself.


Eagan man killed after crashing into traffic signal

The 30-year-old crashed into a traffic light early Wednesday morning.

Melvin Carter

What's in Mayor Melvin Carter's budget proposal?

Here's what the St. Paul mayor is putting his focus on for the upcoming year.

WCCO building

Digital, streaming employees at WCCO-TV vote to unionize

The 15 employees will join on-air talent and producers as members of the SAG-AFTRA union.


Police arrest man suspected of sexual assault, weapons threat in Eagan

The investigation prompted a SWAT response in an Eagan neighborhood on Tuesday.


Minnesota's COVID-19 update for the week ending Tuesday, August 16

The latest reporting period averaged just under 1,300 new cases per day.


Jason and Carly Zucker sell Edina home for $4.18M

The property was bought in 2020, months after Jason Zucker was traded to the Pittsburgh Penguins.