Schnucks breach will likely cost millions

[InfoSec News <alerts () infosecnews org>]

http://www.stltoday.com/business/local/schnucks-breach-will-likely-cost-millions/article_a1cbd2d9-7105-5bfe-8d97-07e2d1381bab.html

By Georgina Gustin
stltoday.com
April 6, 2013

Book stores. Banks. Even data security companies. They’ve all become recent 
targets of increasingly sophisticated, determined — some say talented — hacker 
gangs.

The “Friendliest Stores in Town” appear to be among their latest.

Last month, Schnuck Markets Inc. confirmed it had been hacked and was 
investigating a breach that led to customer credit and debit cards getting 
fraudulently charged. The number of compromised cards is likely in the tens of 
thousands, experts say.

Immediately, the Maryland Heights-based company was lambasted for failing to 
report the breach sooner, and, more importantly consumers said, for not 
explicitly telling shoppers to stop using their cards while it worked to fix 
the problem. Loyal Schnucks shoppers said they’d migrate to competitors. They 
wanted an apology, which they say did not come soon enough or adequately.

On March 30, two weeks after it detected the attack, Schnucks released a 
statement, saying it had “found and contained” the breach. When pressed for 
details that would explain how the breach was located and fixed, the company 
would not provide any.

[...]

______________________________________________
Attend #HITB2013AMS April 8th - 11th in Amsterdam.
Featuring over 42 international speakers and keynotes
by Bob Lord and Edward Schwartz http://conference.hitb.org