Welcome, Guest.
Please login or register.
Hannaford Security Breach
Rotterdam NY...the people's voice    Rotterdam's Virtual Internet Community    Inside Rotterdam  ›  Hannaford Security Breach Moderators: Admin
Users Browsing Forum
AdSense and 70 Guests

Hannaford Security Breach  This thread currently has 2,934 views. |
2 Pages « 1 2 Recommend Thread
MobileTerminal
March 27, 2008, 7:12pm Report to Moderator
Guest User
I plan on joining this suit if I can
Logged
E-mail Reply: 15 - 25
Brad Littlefield
March 27, 2008, 7:34pm Report to Moderator
Guest User
We have all become too reliant on credit and debit cards.  Whereas I used to try to pay in cash, the convenience of a credit/debit card led me to pay with cards.  

With the increase in ID Theft and the ability to quickly accrue massive debt using credit cards, I think that I will go back to the way
that we did it "in the old days" and pay with cash.  If I don't have the money, I don't buy!
Logged
E-mail Reply: 16 - 25
JoAnn
March 27, 2008, 7:52pm Report to Moderator
Administrator Group
Posts
2,047
Reputation
60.00%
Reputation Score
+3 / -2
Time Online
19 days 19 hours 27 minutes
I only use my debit card when I get gas. That is because of convenience. When I get paid, I keep cash out for the week. I usually pay with cash. I use my credit card only if it is absolutely necessary.

I think we all have to take some responsibility in protecting ourselves and our identities and not depend so much on the government or businesses to do that for us.
Logged
Private Message Reply: 17 - 25
MobileTerminal
March 27, 2008, 8:02pm Report to Moderator
Guest User
heh, here in the city your cash is more at risk. Muggers grab wallets and  purses. Rotterdam must be speshul!

Seriously tho, I carry cash on me, but a limited amount. I earned a LOT of money with Paypal Cash Back last year - enough to make me want to use it regularly. Debit cards are way too convenient to use, especially with the MC/Visa logo (accepted everywhere).

For instance, I filled my tank up today (OUCH!) - $71.00 - I got $1+ back on that transaction .. it adds up over the course of the year.

Besides, with technology today, exposing credit cards for this long a period (Hannaford) was totally inexcusable. I'm NOT  a "sue" person normally, but this was uncalled for and preventable. They failed to protect me when I trusted them with vital information - I was inconvenienced significantly and exposed to financial risk/liability, as I'm sure many thousands of other people were. Hannaford needs to make this right.
Logged
E-mail Reply: 18 - 25
Admin
March 29, 2008, 6:45am Report to Moderator
Board Moderator
Posts
18,484
Reputation
64.00%
Reputation Score
+16 / -9
Time Online
769 days 23 minutes
http://www.dailygazette.com
Quoted Text
Credit card breach blamed on unauthorized software
BY JERRY HARKAVY The Associated Press

    PORTLAND, Maine — Unauthorized software that was secretly installed on servers in Hannaford Bros. Co.’s supermarkets across the Northeast and in Florida enabled the massive data breach that compromised up to 4.2 million credit and debit cards, the company said Friday.
    The Scarborough, Maine-based grocer confirmed a report in The Boston Globe that it told Massachusetts regulators this week about the link between the breach and the illicit programs, known as “malware.”
    The company doesn’t know how the malware — short for malicious software — got onto nearly all its 271 stores’ servers, Hannaford spokeswoman Carol Eleazer said.
    “Virtually everything is possible,” she said. “There are still many, many aspects that we don’t totally understand.”
    At least 1,800 cases of fraud have been linked to the data breach, with unauthorized charges showing up as far afield as Mexico, Italy and Bulgaria.
    The breach has prompted concern in the industry because it appeared to be the first large-scale theft of credit and debit card numbers while the information was in transit.
    The usual mode of attack targets data sitting in databases, as in the record-setting theft of information from Massachusetts-based TJX Cos. involving least 45 million card numbers belonging to customers of T.J. Maxx and Marshalls stores.
    TJX Cos. agreed to regular external security audits in a settlement this week with the Federal Trade Commission regarding the breach, which occurred in 2005 and 2006. The FTC lacks the authority to impose fines.
    Sherry Lang, TJX’s senior vice president for investor and public relations, said the company disagreed with the FTC’s allegations that it didn’t properly protect customer data.
Logged
Private Message Reply: 19 - 25
MobileTerminal
March 29, 2008, 6:58am Report to Moderator
Guest User
This is incredible.

"Virtually everything is possible" and "... we dont totally understand." ... time to find a new place to do business, I won't be going back to Hannaford.
Logged
E-mail Reply: 20 - 25
Shadow
March 29, 2008, 7:27am Report to Moderator
Hero Member
Posts
11,107
Reputation
70.83%
Reputation Score
+17 / -7
Time Online
448 days 17 minutes
Someone should tell Hannaford about a good spysweeping program like most of us use on our home computers.
Logged
Private Message Reply: 21 - 25
bumblethru
March 29, 2008, 1:43pm Report to Moderator
Hero Member
Posts
30,841
Reputation
78.26%
Reputation Score
+36 / -10
Time Online
412 days 18 hours 59 minutes
I'm sure that Hannaford is not the only company that doesn't have a good cyber security safeguard system. It is just a matter of time when it will happen again to yet another company. And yet we just continue to walk up to registers and do the 'swipe thing' and think we are safe. Come on people....CASH IS STILL KING!!!!


When the INSANE are running the ASYLUM
In individuals, insanity is rare; but in groups, parties, nations and epochs, it is the rule. -- Friedrich Nietzsche


“How fortunate for those in power that people never think.”
Adolph Hitler
Logged
Private Message Reply: 22 - 25
Admin
April 23, 2008, 7:24pm Report to Moderator
Board Moderator
Posts
18,484
Reputation
64.00%
Reputation Score
+16 / -9
Time Online
769 days 23 minutes
http://www.dailygazette.com
Quoted Text
Hannaford enhancing data network security following credit card fraud
BY JERRY HARKAVY The Associated Press

    PORTLAND, Maine — Hannaford Bros. Co. said Tuesday it is spending millions of dollars to enhance the security of its data network following a massive security breach that exposed up to 4.2 million credit and debit card numbers to fraud.
    It was during the card approval process that customer accounts at grocery stores in the Northeast and Florida were compromised from Dec. 7 to March 10.
    That exposure occurred even though the company met the latest standards for data security.
    Company officials said Tuesday that the new measures include encryption of all card numbers during the entire time they are within the supermarket’s data network.
    Hannaford also said it has installed a “24/7-managed security monitoring and detection service” from IBM to detect intrusions.
    Hannaford President and Chief Executive Officer Ron Hodge apologized again Tuesday to customers for concerns and inconvenience they experienced because of the breach and reported that there has been no drop in sales since it was announced five weeks ago.
    He called it one of the biggest challenges in the Scarboroughbased company’s more than 100-year history.
    In a conference call with reporters, Hodge and Bill Homa, senior vice president and chief information officer, declined to address the cause, scope and nature of the breach, citing the ongoing criminal investigation and pending litigation.
    Hannaford previously blamed unauthorized software that was secretly installed on its servers for the data breach that has been linked to about 1,800 cases of fraud.
    Accounts were stolen during the seconds it takes for information to travel to credit card companies for approval after customers swiped their cards in checkout-line machines.
    Card numbers are now encrypted from the checkout line to the server in the store and onto Hannaford’s corporate office, where the data is transferred to a machine run by its credit card processor, Homa explained later in an interview.
    Before the data breach, the credit and debit card number and expiration dates were not encrypted from the store server to the company headquarters, Homa said.
    “We’ve encrypted everything under our control in our environment,” he said, explaining that some of the security upgrades were in the works before the breach came to light.
    Avivah Litan, security analyst at Gartner Inc., said Hannaford’s encryption changes exceed industry standards and will leave the company with higher state-of-theart technology than their payment processors when it comes to protecting data in transit.
    “They’ve actually gone above and beyond the call of duty,” Litan said. “If you encrypt data in transit and you encrypt data in motion you really eliminate much of your risk.”
    The Hannaford case is among the largest security breaches on record but is much smaller than the tens of millions of credit cards that were exposed at TJX Cos. of Framingham, Mass., which has 2,500 stores and includes the T.J. Maxx and Marshalls chains.
Logged
Private Message Reply: 23 - 25
senders
April 23, 2008, 8:11pm Report to Moderator
Hero Member
Posts
29,348
Reputation
70.97%
Reputation Score
+22 / -9
Time Online
1574 days 2 hours 22 minutes
There is no standard set......yet.....but when there is we will all have our numbers for purchasing and going to the doctor on our drivers licenses.....the government can track it then----just standard procedure,,,,mooooooove along....baaaaaaaaaaa........

Where are the 'Running Man' and the 'Demolition Man' when you need them........


...you are a product of your environment, your environment is a product of your priorities, your priorities are a product of you......

The replacement of morality and conscience with law produces a deadly paradox.


STOP BEING GOOD DEMOCRATS---STOP BEING GOOD REPUBLICANS--START BEING GOOD AMERICANS

Logged Offline
Private Message Reply: 24 - 25
Admin
June 3, 2008, 4:53am Report to Moderator
Board Moderator
Posts
18,484
Reputation
64.00%
Reputation Score
+16 / -9
Time Online
769 days 23 minutes
http://www.dailygazette.com
Quoted Text

Hannaford data breach lawsuits likely to become class-action case
The Associated Press

    PORTLAND, Maine — Nearly two dozen lawsuits arising from a data breach at Hannaford Bros. Co. are likely to be consolidated into a single class-action lawsuit, with two competing groups of law fi rms vying to lead the case.
    One group consists of three firms based in Chicago, Miami and Philadelphia; the other includes two fi rms in Portland and one in Boston.
    The massive breach that compromised up to 4.2 million credit and debit card numbers used at 165 Hannaford stores in the Northeast and 106 Sweetbay stores in Florida generated 14 lawsuits in Maine, seven in Florida, one in New Hampshire and one in New York.
    Within the next few weeks, a panel of federal judges is expected to consolidate the suits into a class action that would likely be heard in U.S. District Court in Portland.
    Plaintiffs will seek full compensation for those who lost money because of the breach and were not reimbursed by their banks or insurance carriers, said Michael Fantini of Philadelphia-based Berger & Montague. They will also seek compensation for those who endured the hassle and stress of having financial information stolen.
    “We’ve talked to hundreds of people who have had fraudulent transactions,” Fantini said. “A class action is a very suitable way to seek recourse on behalf of all the people at one time.”
    Janet Eames of Portland, who shops regularly at Hannaford, is skeptical about the process.
    “You see these huge cases and these firms get millions of dollars, and customers get a coupon for $5 off,” Eames said. “Then the store raises its prices to make up for what it paid in the settlement. I don’t think anybody wins.”
    Spokeswoman Carol Eleazer said Hannaford does not comment on pending litigation, but documents filed by its lawyers in federal court indicate that the Scarborough-based supermarket chain agreed that the separate lawsuits should be consolidated in Maine.
    Berger & Montague is collaborating with the Chicago firm Barnow & Associates and the Miami firm Harke & Clasby. The competing group consists of Murray, Plumb & Murray in Portland; Lewis Saul & Associates in Portland; and Shapiro Haber & Urmy in Boston.
Logged
Private Message Reply: 25 - 25
2 Pages « 1 2 Recommend Thread
|


Thread Rating
There is currently no rating for this thread