Massive Data Theft Breached 'Secure' Network
Hacked supermarket chain sent data over cable, not wireless
By Laila Weir,  Newser User
Posted Mar 31, 2008 11:23 AM CDT
A Hannaford sign seen outside a store in Brunswick, Maine, March 19, 2008. The East Coast supermarket chain reported this week that card numbers were stolen during the credit approval process.    (AP Photo/Pat Wellenbach)
camera-icon View 3 more images

(Newser) – High-tech thieves were able to penetrate what experts called an especially secure computer network when they stole 4.2 million credit and debit card numbers from the Hannaford and Sweetbay grocery chains. Unlike stores that send data over wireless networks, the supermarkets used a theoretically less porous fiber-optic cable.

But malicious software installed on store computers poached the sensitive data, funneling it to an ISP outside the US; the Wall Street Journal reports that at least 1,800 cases of fraud have ensued. Debit card PIN numbers are likely safe, but the Northeast and Florida chains sent much of the credit card info to their servers unencrypted. "More than 90% of retailers can't encrypt," one security expert says.