URM Stores’ investigation of a criminal cyber attack in November is coming to a close. “We now know which stores were affected by the attack and that the incident was limited to credit and debit card transactions made in those stores during time periods that range from Sept. 1, 2013 to Nov. 24, 2013,” said URM in a press release.
A list of stores affected and the specific time frame for each store can be found at www.urmstores.com under the “Credit/Debit Card Announcements” link. Only transactions at stores on the list during the defined time period were affected.
Some local stores include: Barney’s Harvest Foods in Orofino, Asker’s Harvest Foods in Grangeville, A&B Foods 1 and A&B Foods 2 in Lewiston, Valley Lapwai Foods in Lapwai, Cloninger’s Harvest Foods in Kamiah, Phil’s Family Foods in Kendrick, and White Pine Foods in Deary (Sept. 2, 2013 only).
On Nov. 25, URM Stores announced that it had found signs of a criminal cyber attach against their payment processing system. The attack was similar to attacks reported by other grocery stores and retailers.
In response, URM Stores engaged a leading computer security firm to investigate, and notices were posted in every store and on URM’s website.
“We blocked the attack and implemented enhanced security measures to make our systems more secure,” said URM.
For most of the transactions, URM believes that the attacker or attackers could only access “track 2” data—information on a credit or debit card’s magnetic stripe that contains only the card account number, expiration date, and card verification number.
For a small number of transactions, the attacker may have had access to “track 1” data, which contains all the information of track 2, plus the cardholder’s name. No customer addresses, phone numbers, or Social Security numbers were compromised in the incident. Social Security numbers are not collected by URM at all.
URM does not have sufficient information to identify which specific cards or data track from cards were actually taken, according to the press release. A letter or e-mail message will be sent to a small group of individuals for whom URM believes their track 1 data may be at risk.
A dedicated call center remains open for customers who have questions. The number is 877-237-7408 and the call center is open Monday through Friday, 9 a.m. to 6 p.m. Pacific, and 10 a.m. to 2 p.m. Saturday.
A list of stores affected and the specific time frame for each store can be found at www.urmstores.com under the “Credit/Debit Card Announcements” link. Only transactions at stores on the list during the defined time period were affected.
Some local stores include: Barney’s Harvest Foods in Orofino, Asker’s Harvest Foods in Grangeville, A&B Foods 1 and A&B Foods 2 in Lewiston, Valley Lapwai Foods in Lapwai, Cloninger’s Harvest Foods in Kamiah, Phil’s Family Foods in Kendrick, and White Pine Foods in Deary (Sept. 2, 2013 only).
On Nov. 25, URM Stores announced that it had found signs of a criminal cyber attach against their payment processing system. The attack was similar to attacks reported by other grocery stores and retailers.
In response, URM Stores engaged a leading computer security firm to investigate, and notices were posted in every store and on URM’s website.
“We blocked the attack and implemented enhanced security measures to make our systems more secure,” said URM.
For most of the transactions, URM believes that the attacker or attackers could only access “track 2” data—information on a credit or debit card’s magnetic stripe that contains only the card account number, expiration date, and card verification number.
For a small number of transactions, the attacker may have had access to “track 1” data, which contains all the information of track 2, plus the cardholder’s name. No customer addresses, phone numbers, or Social Security numbers were compromised in the incident. Social Security numbers are not collected by URM at all.
URM does not have sufficient information to identify which specific cards or data track from cards were actually taken, according to the press release. A letter or e-mail message will be sent to a small group of individuals for whom URM believes their track 1 data may be at risk.
A dedicated call center remains open for customers who have questions. The number is 877-237-7408 and the call center is open Monday through Friday, 9 a.m. to 6 p.m. Pacific, and 10 a.m. to 2 p.m. Saturday.
No comments:
Post a Comment