Supermarket chain Stop & Shop announced on Friday, May 15, a potential data security issue that affects five store locations in New Jersey, Connecticut, and Massachusetts.
The company discovered on Friday illegal skimming devices planted at five store locations. These were identified on routine security scans at the said locations, with possible payment information tampered.
According to Stop & Shop, they’ve already removed the devices and reviewed store surveillance to determine the people behind the attack. Additionally, the surveillance can help find out how long these skimming devices were in use.
“We take our obligation to safeguard our customers’ personal information very seriously, and we are very sorry this may have impacted them. We have taken immediate steps to increase monitoring across all registers at all stores,” said senior vice president Dean Wilkinson.
Stop & Shop already notified the authority and engaged in third-party forensic experts to analyze the device. Additional security inspection was conducted to ensure no additional devices were found in all stores.
The five Stop & Shop stores affected are 404 Springfield Ave, Berkeley Heights in New Jersey, 8 Franklin Street, Bloomfield, in New Jersey, 1189 Broad Street in New Jersey, 25 Old King’s Highway North in Connecticut, and 19 Temple Street, Framingham, Massachusetts.
According to the supermarket chain company, customers who visited these stores during the periods February to April 30, 2020, are possibly affected. Although there’s no evidence that any of the information has been misused, the company warns all its customers of potential threats.
Aside from the stricter inspections per store, Stop & Shop also deployed detection tools to increase security in each store. ‘We will continue to be as vigilant as possible in order to protect our customers’ data,’ said the company.
The supermarket chain also asked customers to fully review and monitor payment cards, account statements, and reports. If unauthorized transactions were made in these cards, customers can immediately contact relevant payment card companies to report the issue.
Stop & Shop also clarified that only self-checkout lane was impacted at each store and transaction data on the mentioned period are affected. The company said customers could reach out to their hotline at 1-800-767-7772 to get further information on the incident.
Meanwhile, security firm Krebson Security said skimming devices installed are small, thin cards placed between the chip reader and the chip that records the data while the reader is used. The information will be cloned into the magnetic strip, which criminals use to get information.