April 16, 2013

St. Louis-based Schnucks Markets Inc. was the victim of repeated cyberattacks between December 2012 and March 29, 2013 wherein approximately 2.4 million credit and debit cards used at 79 of its 100 stores may have been compromised.

The company further reported that only the card number and expiration date of the cards has been compromised – not the cardholder’s name, address or any other identifying information.

Schnucks said it has worked with its payment processor to ensure all potentially affected card numbers are sent to the credit card companies so that they may continue sending alerts to the issuing banks. According to the company, many banks have already taken the precautionary steps to protect their cardholders, such as adding enhanced transaction monitoring or reissuing a new card.

Cyberattacks that target millions of accounts are nothing new. Late last year, McAfee warned of an impending attack in 2013 dubbed "project blitzkrieg" targeting more than 30 financial institutions -- including PayPal, Citibank, Wells Fargo, Capital One, Navy Federal Credit Union and others -- though those attacks have apparently not come to fruition as of yet.

In recent years, hackers have also infiltrated Sony's PlayStation Network and breached email marketer Epsilon and security token provider RSA.

Schnucks operates 100 stores and 96 in-store pharmacies in Missouri, Illinois, Indiana, Wisconsin and Iowa.

[Related: New Threats, New Solutions: Combating Cyber Attacks]

Bryan Yurcan is associate editor for Bank Systems and Technology. He has worked in various editorial capacities for newspapers and magazines for the past 8 years. After beginning his career as ...