Two weeks to contain a security breach?!?!? (fwd)

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: Richard M. Smith <rms () computerbytesman com>

"Hannaford became aware of the breach Feb. 27. Investigators later 
discovered that the data breach began on Dec. 7; it wasn't contained until 
March 10, said Carol Eleazer, Hannaford's vice president of marketing in 
Scarborough."


http://ap.google.com/article/ALeqM5ipET-mkUFMHvZNMr5WJkcg82NHIwD8VFDD0O0

Breach Exposes 4.2M Credit, Debit Cards

By DAVID SHARP - 24 minutes ago

PORTLAND, Maine (AP) - A security breach at an East Coast supermarket 
chain exposed 4.2 million credit and debit card numbers and led to 1,800 
cases of fraud, the Hannaford Bros. grocery chain announced Monday.

Hannaford said credit and debit card numbers were stolen during the card 
authorization process and about 4.2 million unique account numbers were 
exposed.

The breach affected all of its 165 stores in the Northeast, 106 Sweetbay 
stores in Florida and a smaller number of independent groceries that sell 
Hannaford products.

The company is aware of about 1,800 cases of fraud reported so far 
relating to the breach.

No personal data such as names, addresses or telephone numbers were 
divulged - just account numbers.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml