Hackers steal Supervalu’s customer data

NEW YORK – A data breach at Supervalu may have impacted as many as 200 of its grocery and liquor stores and potentially affected retail chains recently sold by the company in two dozen states.

The announcement lengthens the list of retailers that have had security walls breached in recent months, including Target and P.F. Chang’s.

Hackers accessed a network that processes Supervalu transactions, with account numbers, expiration dates, card holder names and other information possibly stolen, the company said. Those systems are still being used by the stores sold off by Supervalu last year for $3.3 billion, potentially opening up customer data at those stores as well.

The breach occurred between June 22 and July 17, according to Supervalu, which said it took immediate steps to secure that portion of its network.

The cards from which data may have been stolen were used at 180 Supervalu stores and liquor stores run under the Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy names.

But Supervalu said a related criminal intrusion occurred at the chain stores it sold to Cerebus Capital Management LP in March 2013, stores that Supervalu continues to supply with information technology services. Those stores include Albertsons, Acme, Jewel-Osco, Shaw’s and Star Market – and related Osco and Sav-on in-store pharmacies in two dozen states.

Supervalu has yet to determine if any cardholder data was actually stolen and said Friday that there’s no evidence of any customer data being misused. Information about the breach was released out of “an abundance of caution,” the company said.