The latest retailer to be hit with a data breach incident in the United States is National Grocers after sources in the financial industry confirmed to KrebsonSecurity that they had identified a pattern of fraud on debit and credit cards of customers who buy their groceries at the 93 various outlets, across 15 states, of the organic and natural grocery chain.
According to US investigative reporter, Brian Kerbs, the Point of Sale Systems (POS) were breached by the hackers at various outlets sometime in December, 2014. This was possible because of the company's weak security if its database
The company said in its response that it was looking into 'a potential data security incident involving an unauthorized intrusion targeting limited customer payment card data.' The company has also not received any information of misuse of the data that has been put at risk, by and individual or financial institution. In wake of the event, the grocery chain has decide to speed up plans to install to Point of Sale systems that provide end-to-end encryption to add more layers of security to their network.
“These upgrades provide multiple layers of protection for cardholder data. The company is in the process of installing this new system at all 93 Natural Grocers stores in 15 states. The company takes data security very seriously and is committed to protecting its customers’ information. This is all the information the company is able to provide at this time, as the investigation into the incident is ongoing," the company's emailed statement concluded.
Many big retailers in the US such as Home Depot, Supervalu, Neiman Marcus and Target have been hit by hackers in recent times. The new POS systems conduct a transaction through the more secure Europay, MasterCard and Visa (EMV) standard, which is the latest technique being used to safeguard against card fraud at POS systems.
In October 2014, Obama signed an executive order for a speedier adoption of the EMV standards across USA. The federal government has been tasked with the charge of leading by example in securing customer transactions and sensitive data, throughout the whole of United States.