CHANDLER, Ariz. — Bashas’ here said Tuesday that it was the victim of a cyber-attack through which the perpetrators appear to have gained access to customers’ payment-card information.
“Bashas' is and has been compliant with all Payment Card Industry [PCI] security requirements,” the company said in a statement. “However, we recently located and removed a highly sophisticated piece of malware that has never been seen before in the industry. The malware has been identified and contained, and we are working with forensic specialists and federal law enforcement officials in their investigation to find those responsible.”
A spokeswoman for Bashas’ told SN that the company had been contacted by customers “in some counties” who noticed suspicious activity on their payment-card accounts, which prompted it to investigate.
Bashas’ said in its statement that it has installed additional security measures in its point-of-sale and enterprise systems to further protect customer information. It has also sent emails to customers and media outlets, and posted notices in all of its stores notifying customers of the situation and asking them to monitor their credit card and debit card accounts.
Local reports said that more than 400 customers who had used credit or debit cards at Bashas’ had reported fraudulent charges.
In 2008, hackers accessed the payment-card data of millions of customers of Hannaford Bros., Scarborough, Maine, and other retailers though their third-party payments systems processor. Hackers also stole customer information from Quincy, Mass.-based Stop & Shop in 2007 by placing "skimming" devices at stores' card-reader terminals.
Read more: Hacker Makes Guilty Plea in Hannaford Breach
|Suggested Categories||More from Supermarketnews|