Hannaford Bros. - 2008

This security breach affects all of its 165 stores in the Northeast, 106 Sweetbay stores in Florida and a smaller number of independent groceries that sell Hannaford products. The company is currently aware of about 1,800 cases of reported fraud related to the security breach. Credit and debit card numbers were stolen during the card authorization transmission process. It's unclear if personal information was exposed. UPDATE (4/2/2009): An April 2, 2009, news story indicated that between Dec. 7, 2007, and March 10, 2008, hackers stole credit and debit card numbers, expiration dates and PIN numbers from people shopping at Hannaford supermarkets. About 1,800 fraudulent charges had been made. UPDATE (5/14/2009): A federal appeals court has revived a Tampa class-action suit seeking money for Florida shoppers whose credit and debit card numbers were swiped in a data breach that hit 109 Sweetbay Supermarkets. The suit seeks free credit monitoring, credit repair if necessary and undetermined money damages to be split up among victims of the breach, including those unaware they were victims. UPDATE (5/22/2009): A Maine U.S. District Court dismissed most of a class action lawsuit against Hannaford, finding that there is no way to value the time and effort that consumers spent in correcting fraudulent activity resulting from the breach. The case of one named plaintiff was not dismissed. That plaintiff suffered actual monetary damages for unreimbursed fraudulent charges.UPDATE (11/2/2011): Federal Appeals Court Holds Identity Theft Insurance/Credit Monitoring Costs Constitute "Damages" in Hannaford Breach Case (Oct. 24, 2011) http://tinyurl.com/3kxxmnb. http://tinyurl.com/3jkg489UPDATE (3/29/2013): A United States District Court for the District of Maine has denied a motion that would have allowed a lawsuit to proceed as a class action.  The plaintiffs originally moved to certify the proposed class on September 4, 2012.  http://tinyurl.com/bsg9xpu