Data breach mystery continues


Earlier this week, it was revealed that a data security breach at Hannaford Bros. Co., a chain of East Coast grocery stores, put over 4 million customers' credit card numbers at risk. The company was quick to issue a press release about its commitment to customers and its cooperation with credit card companies and law enforcement.

But the Associated Press is reporting one additional small (okay, not so small) detail: Hannaford doesn't really know how the security breach occurred. Company officials know that it occurred during the transmission of data while processing credit cards for payment. But that's all they know. If the company doesn't know how the breach occurred, how can they fix it or assure customers that it won't happen again?

Even more troubling: The company supposedly was complying with the latest security standards required by the Payment Card Industry. So by industry standards Hannaford may be doing everything right, yet customer data could easily still be compromised.

This situation highlights the need for consumers to be proactive in monitoring their own credit. We obviously can't trust merchants to keep our details safe all the time, so we're forced to keep a watchful eye over our credit card statements, bank statements, and credit reports. At the first sign of any suspicious activity, consumers should immediately act, closing accounts, having new numbers issued, and disputing any charges or accounts that are not legitimate.

Tracy L. Coenen, CPA, MBA, CFE performs fraud examinations and financial investigations for her company Sequence Inc. Forensic Accounting, and is the author of Essentials of Corporate Fraud.

Originally published