PORTLAND, Maine -- Unauthorized software that was secretly installed on servers in Hannaford Bros. supermarkets enabled the massive data breach that compromised up to 4.2 million credit and debit cards.
The Maine-based company is confirming a report in The Boston Globe that it told Massachusetts regulators this week about the link.
The company doesn't know how the malware -- short for malicious software -- got onto nearly all its 271 stores' servers.
A Hannaford spokeswoman says at least 1,800 cases of fraud have been linked to the data breach, with unauthorized charges showing up as far afield as Mexico, Italy and Bulgaria.
The breach has prompted concern in the industry because it appeared to be the first large-scale theft of credit and debit card numbers while the information was in transit.
The usual mode of attack targets data sitting in databases.
(Copyright 2008 by The Associated Press. All Rights Reserved.)
Fire tears through old Lawrence mill Cars collide; 1 into Peabody business building New Hampshire police seize 322,000 prescription pills Dump truck takes out utility pole in Topsfield Flaming truck leaves cloud of smoke in Framingham
