Shaw's, Star Market targeted by criminals seeking credit and debit card info

The parent company of Shaw's and Star Market announced today that somebody tried to access card information from customers between June 22 and July 17.

AB Acquisition has not determined that any cardholder data was in fact stolen, and currently it has no evidence of any misuse of any such data. ... AB Acquisition believes that the intrusion has been contained and is confident that its customers can safely use their credit and debit cards in its stores. ... Although it has not yet been determined whether any cardholder data was in fact stolen, and there is no evidence to date of any misuse of such data, AB Acquisition LLC is offering customers whose payment cards may have been affected 12 months of complimentary consumer identity protection services through AllClear ID.

The company says consumers can call AllClear at 1-855-865-4449 after 4 p.m. today or wait for additional information to show up on shaws.com sometime over the next 24 hours.

Neighborhoods: 

    Topics: 

    Free tagging: 

    Comments

    Shaw's

    By on

    Does anyone still shop there?

    (sarcasm!)

    I actually do most of my

    By on

    I actually do most of my shopping there. Market Basket sometimes, but can't stand the crowds after work.. Sure, you save a few bucks but sometimes I'm just not in the mood.

    I've had luck with Shaws but get produce at my produce market, wherever I end up getting my weekly order.

    I don't know the details of

    By on

    I don't know the details of how credit cards are processed, but does a store even have to store credit card numbers for longer than the instant it takes for a transaction to get approved? Not saving the numbers would make card number thefts virtually impossible.

    up
    11

    It sounds simple...

    By on

    If you've ever looked closely at your credit card statements, you will note that rarely a charge goes through at the time you passed the actual card through the reader. They are stored and submitted in a batch at intervals, as infrequently as once a day.

    It is illegal in this Commonwealth to keep unencrypted numbers on file (example A:I formerly worked for a small business who had to scrub their files when this law went into effect) but there are still companies using pretty rinkydink security measures (example B: I currently work for a much larger small buisiness where the credit card information is stored in a database for which every single user has the same password which contains the name of the company...)

    up
    10