Hackers hit SuperValu again; this time only 4 Cub stores affected


SuperValu says the good news about its latest data breach is that the company's new protection against malicious software worked.

The bad news is four Twin Cities-area stores hadn't finished installing it.

Eden Prairie-based SuperValu announced Monday that hackers again broke into its computer system and unleashed malware in the part of the network that processes payment cards.

The company says this latest intrusion is separate from the data breach it announced last month.

The one that occurred in June and July compromised the payment card data of customers at more than 200 stores in SuperValu's national network, the Business Journal reports.

This time, SuperValu says, new technology prevented the malware from capturing payment card data – with the possible exception of some checkout lanes at Cub Foods stores in White Bear Lake, Shakopee, Roseville and Hastings.

As the Pioneer Press reports, the company says the latest intrusion likely occurred from late August through September 21. SuperValu is offering customers who shopped at the affected stores 12 months of identity protection services through AllClear ID.

But the company sounded pleased with the protection provided by its new technology.

President and CEO Sam Duncan said in SuperValu's statement: “We’ve taken measures to install enhanced protective technology that we believe significantly limited the ability of this malware to capture payment card data, and we will continue to make these investments going forward.”

Fortune says SuperValu's stock price fell 1.8 percent on Monday and was down another 1.5 percent in after-hours trading during the evening.

Hackers using malware to gain access to the payment card information of customers have struck a number of retailers, starting with Target late last year and more recently affecting companies ranging from Home Depot to Jimmy John's.

This summer the Department of Homeland Security issued an alert to retailers about a malware known as Backoff. Security officials say businesses may have had their point-of-sale systems infected without being aware of it.

What can business owners do to protect themselves? The New York Times, Forbes, and TransFirst are among those who have offered suggestions recently.

Next Up