Hannaford Bros. Co. leaders said that the grocer expects to spend “millions” of dollars on IT security upgrades after a major data breach resulted in the theft of up to 4.2 million credit and debit card numbers from its systems.

Hannaford disclosed on March 17 that unknown intruders had broken into its computer network and stolen the credit and debit card numbers as well as their expiration dates. In a letter sent to Massachusetts officials eight days later, the company said that the perpetrators had planted malware on the servers at each of the 294 affected stores.

The company said it will install new intrusion-prevention systems that will monitor activities on Hannaford’s network and the individual systems at its stores, in addition to the deployment of PIN pad devices featuring Triple DES encryption support in store checkout aisles.

Hannaford has also contracted IBM to do network monitoring under a managed security services deal, said Ron Hodge, the grocer’s president and CEO, and Bill Homa, its CIO. The company also replaced all of the servers in its stores as part of an effort to rid its network of malware that was placed on them during the breach.

This entry was posted on Wednesday, April 23rd, 2008 at 9:15 pm and is filed under Hannaford Bros data breach, ID Theft Prevention, credit card numbers, id theft prevention, identity theft protection, major data breach, malware, security breach, stolen debit card. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.