Supervalu and AB Acquisition, the operator of the Albertsons chain of supermarkets, revealed the discovery of additional hack attacks made against the computer systems that the companies use to process payments done through debit cards and credit cards.
The companies announced that they have discovered a malicious program that was installed in late August or early in September that is different from the one that they have announced last month.
Supervalu reported in mid-August that it was investigating a reported data breach that affected about 180 stores and millions of customers' debit card and credit card information. The attack happened between June 22 and July 17.
"The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores," Supervalu CEO and President Sam Duncan then said.
Supervalu provides certain IT services to AB Acquisition's Albertsons stores, which means that the chain of supermarkets was also affected by the attack on Supervalu systems.
According to Supervalu, the latest hack targeted the networks used for card payment transactions in some of the company's Shoppers Food & Pharmacy, Shop 'n Save and Cub Foods stores, both owned by the company and franchises.
Supervalu warned its customers that the hack attack "may have been successful in capturing account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder's name, from payment cards used at some checkout lanes," which occurred between the dates of Aug. 27 and Sept. 21.
Supervalu is now currently cooperating with the authorities in the investigation regarding the matter. The company is also offering its customers, that used their debit cards and credit cards for transactions made at the affected stores, one year's worth of free services for consumer identity protection.
Supervalu added that the newly discovered malicious program affected the transactions made in four of its Cub Foods franchise locations in Minnesota, namely in Hastings, Roseville, Shakopee and White Bear Lake.
AB Acquisition, on the other hand, revealed that the attack may have affected customers that made card transactions at the company's ACME markets in Delaware, Maryland, New Jersey and Pennsylvania, along with Jewel-Osco shops located in Illinois, Indiana and Iowa. The company also noted that Shaw's and Star Markets shops located in Maine, Massachusetts, New Hampshire, Rhode Island and Vermont were also affected.