Jewel-Osco computers, containing customer credit and debit card information, have been affected by an “unlawful intrusion,” the grocery store chain’s corporate parent said Friday.
AB Acquisition said it had not determined whether any cardholder data was in fact stolen. However, “there’s no evidence that any data has been misused,” said spokeswoman Christine Wilcox.
The company sought to reassure shoppers by offering 12 months of free data protection through AllClear ID but consumers who called a toll-free number were getting disconnected, Wilcox said Friday afternoon. The company was working to establish a new toll-free number but consumers would not be able to sign up for the monitoring until Wednesday or Thursday, she said.
In the interim, Jewel-Osco has put a security update with questions and answers on its web site.
“We understand the inconvenience and concern an incident like this can cause, and we deeply regret that our customers’ data was targeted,” said Mark Bates, chief information officer at AB Acquisition.
Store employees have been provided with information to assist customers with questions, Wilcox said.
The company, which operates Albertsons stores under Albertson’s LLC and ACME Markets, Jewel-Osco, and Shaw’s and Star Markets, said its computers were accessed between June 22 and July 17.
The list of retailers that have been hit by breaches just this year includes Recreational Equipment Inc., CVS/Caremark, Goodwill Industries International Inc., Ebay, Aaron Brothers, Sally Beauty Supply, Home Depot, Sears, Michaels Stores and Neiman Marcus.
A mid-December data breach involving the credit and debit cards of millions of customers of Target Corp. cost the company $148 million, partially offset by a $38 million insurance receivable, the company said earlier this month.
To try to woo customers back into stores, the chain has relied on heavy discounting. For instance, in February, it was offering five 12-packs of Diet Coke products for $10, which Target Corp. CEO John Mulligan said was the lowest in more than a decade.
In an earnings call in May, Mulligan said by the end of the first quarter, most customers who avoided the chain after the breach had been back in stores at least once.
Other companies, including Northern Trust Co., PF Chang’s and the Wall Street Journal, have reported breaches.
Original Story http://www.chicagotribune.com/business/breaking/chi-report-jewel-osco-hacked-20140815-story.html