Hackers access Sweetbay credit, debit card numbers

About 4.2-million Visa, MasterCard and Discover credit and debit card numbers -- 1.6-million of them used at Sweetbay Supermarket locations in Florida in the past three months-- were exposed when hackers tapped into the computer network at the Hannaford Brothers grocery chain in Portland, Maine.

So far fewer than 2,000 incidents of attempted credit card fraud have been identified.

The U.S. Secret Service has opened an investigation into the data theft.

But Hannaford, which handles all payment transactions for its corporate sibling Sweetbay Supermarket in the Tampa Bay area, suggests that any customer who executed a credit or debit card transaction at one of its stores between Dec. 7, 2007, and March 10 doublecheck his card or bank statements for any unauthorized or unfamiliar transactions.

If there are questionable transactions, the company advises that shoppers call the card company, their financial institution or both.

Hannaford and Sweetbay do not know the affected customers' names or ways to contact them. So the company will not be making any calls or sending e-mails to shoppers who may have been affected. So if someone calls asking for personal information regarding the hack, be suspicious because they are not from the grocery chain, the company said.

Hannaford was alerted Feb. 27 by a payment card clearinghouse of an unusual number of payment card transactions. By March 8 the company, in concert with card issuers and federal investigators, had identified the breach and by March 10 had plugged the holes.

An investigation into how and where the breach occurred continues. Hannaford transmits its payment data over phone lines and uses encrypted wireless communications to transmit numbers inside its stores.

-- Mark Albright, Times staff writer