{"headline18"/}Who to call

ä SFCU main number: 967-7101 or (877) 642-SFCU(7328)

ä SFCU Visa debit lost or stolen: (800) 472-3272

ä Wilber National Bank main number: 432-1700 or (800) 374-7980

ä NBT: (800) NBT-BANK

ä Hannaford's service line: (866) 591-4580

Area residents may have been exposed to a security breach at supermarket chain Hannaford Bros. that led to thefts of customer credit and debit card numbers, the company announced Monday.

Hannaford said credit and debit card numbers were stolen during the card authorization transmission process, but no personal information such as names, addresses or telephone numbers was divulged.

The grocery chain said it doesn't collect, know or keep any personally identifiable customer information from transactions. The breach started late last year and ran until last week, officials told The Associated Press.

In Oneonta, Wilber National Bank was in the process of replacing some terminated cards, a bank official said Monday, and officers at two other local financial institutions said safeguards are in place to protect customers against fraudulent use of credit and debit cards.

Douglas Gulotty, president and chief executive officer at Wilber, said the bank received a fraud alert from Visa that hundreds of customers' accounts could be affected, but the retailer hadn't been identified. The only prudent step was to terminate access to the cards, call consumers and begin replacing the cards, he said Monday night.

``It's a dreadful inconvenience to individuals,'' Gulotty said. Terminating the cards was necessary because officials can't tell if encrypted or personal identification data has been violated, he said.

Separately, a Wilber official said Visa notified the bank that it had canceled about 1,200 Wilber Visa-based debit cards.

Sidney Federal Credit Union was notified about the Hannaford situation Monday afternoon by its processor, said James Doig, SFCU president and chief executive officer. The processor didn't have or didn't know which accounts were impacted, he said.

But SFCU has comprehensive fraud monitoring for credit and debit cards, Doig said, and if a member, Visa or Mastercard notifies the institution about fraudulent use, the holder won't be liable.

``We're not even sure if any of our members are affected,'' Doig said. ``We will continue to get information about this and take appropriate action.''

Jamie Reynolds, senior vice president of NBT Bank, said the situation is handled by the institution's headquarters in Norwich. Such problems might develop once or twice a year, he said, and it's likely that some NBT customers are impacted in this case.

``These things do happen,'' Reynolds said.

If customers are impacted, they won't be liable for fraudulent uses, he said.

Hannaford warned customers to watch their credit and debit card statements and alert authorities in the event of unusual transactions. It also told customers to beware of hoax e-mails and calls from people claiming to represent Hannaford and seeking to collect personal information.

The security breach affects all of Hannaford's 165 stores in New England and New York, 106 Sweetbay stores in Florida and a smaller number of independent groceries in the Northeast that sell Hannaford products.

Of 4.2 million credit and debit cards potentially exposed to fraud, about 1,800 cases reported credit or debit card fraud so far, said Carol Eleazer, Hannaford's vice president of marketing. Hannaford first became aware of unusual credit card activity Feb. 27.

Investigators later discovered that the data breach began Dec. 7; it wasn't contained until March 10, Eleazer said in an Associated Press story. She defended Hannaford's response to the breach.

"We moved with all deliberate speed to get out to customers with information that we could have confidence in," she said. "This is a complex undertaking."

In a prepared statement, Ronald C. Hodge, Hannaford president and CEO, said, "We sincerely regret any concern or inconvenience this has caused. ... We have taken aggressive steps to augment our network security capabilities."

The U.S. Secret Service, whose duties include investigating electronic crimes such as data breaches, confirmed it's investigating but declined to comment on the scope of the crime.

The 4.2 million card numbers that Hannaford said were potentially exposed and 1,800 cases of related fraud rank the case among the largest breaches on record involving retailers, the AP reported.

But the case is still far smaller than the biggest hack measured by the number of customer records involved "" last year's disclosure of a breach at TJX Cos., the Framingham, Mass.-based operator of more than 2,500 discount retail stores including T.J. Maxx and Marshalls.

TJX reported last March that at least 45.7 million cards were exposed to possible fraud in a breach of its computer systems that began in 2005. However, banks' recent court filings in a lawsuit against TJX put the number of cards affected at more than 100 million.

Doig of SFCU said the T.J. Maxx case negatively impacted members, but such cases are rare. The Hannaford case is being monitored, and replacement cards will be issued if necessary, he said.

Hannaford's announcement came several hours after the Massachusetts Bankers Association warned that about one-third of its 200 member banks had been contacted by Visa and MasterCard, alerting them that some of the credit and debit cards the banks issued could be at risk.

But the retailer's name was a mystery for several hours until Hannaford's official announcement, the AP reported.


On the Net:


Trending Video

Recommended for you