Lucky Supermarkets credit card scam getting worse

The supermarket chain has previously said that about 80 people were affected, but a spokeswoman tells CNET that number is now much higher.

James Martin/CNET

Lucky Supermarkets, a chain in California, has been hit hard with a credit card scam.

The company announced the scam in November, saying customers and employees who used the self-checkout kiosks in more than 20 of its 234 stores might have fallen victim to tampered credit card readers. The hackers reportedly used devices called "sniffers" that recorded credit card numbers.

Soon after the information was made public, Lucky Supermarkets, as well as its parent company, Save Mart Supermarkets, said it was unsure how many people might have been affected but urged customers to monitor their accounts.

"We recommend our customers who used a self-checkout lane in the affected stores verify and monitor all credit/debit accounts with their financial institution to ensure everything is in order," the company said in a statement at the time. In subsequent announcements, the company has advised customers who used self-checkout lanes to close their accounts "and seek further advice."

Earlier this week, Save Mart said it had recorded "80 employee and customer reports of either compromised account data or attempts to access account data, with the majority coming over this past weekend." The company said, however, that its checks were not complete and that the number of recorded incidents could rise.

In a phone conversation with CNET today, a Save Mart representative confirmed that "more than 80 people" have been affected, but she cautioned that the company has yet to arrive at a new figure.

"As things go on, we're learning more and more," the representative told CNET.

Although Lucky's outbreak is major, it's by no means the biggest credit card scam consumers have faced. Earlier this year, Albert Gonzalez was sentenced to 20 years in federal prison after confessing to stealing millions of credit card and debit card numbers in attacks on customers at T.J. Maxx, BJ's Wholesale Club, Barnes & Noble, and other retailers.

Gonzalez was accused of using a laptop to find unsecured wireless networks in stores and then installing sniffer programs to collect data. That information was then placed on clone cards and used to withdraw cash from ATMs.

Although Gonzalez's alleged actions hit customers nationwide, Lucky's hacks have been centered around Petaluma, Sunnyvale, Mountain View, Foster City, and other California towns.

"Lucky Supermarkets sincerely regrets any inconvenience or concern this consumer notice may have caused you," the company wrote to customers in a statement last month. "Your confidence in our company and in your store is very important to us. We take seriously our responsibility to always keep our customers informed of any issues important to them."

About the author

Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Find Your Tech Type

Take our tech personality quiz and enter for a chance to win* high-tech specs!