LAKE ST. LOUIS, MO (KTVI)– Schnucks has said the cyber attack that resulted in card numbers being stolen from customers was contained. They also say credit and debit card users can safely use their plastic at Schnucks again. But is that true?
Schnucks claimed the problem was solved on the morning of Saturday, March 30th. Five days later, Thursday, April 4th, software engineer Aaron Bailey used his debit card at the Schnucks in Lake St. Louis.
“I had stayed away from purchasing from there while this was going on. I stopped in on Thursday evening on the 4th, made a purchase, and by Friday evening Bank of America did a fantastic job of catching irregular activity in Kansas, at a hotel in Kansas,” Bailey stated.
And his thoughts, as a software engineer, about having his card hacked after he was assured by Schnucks it was safe to use?
“I understand they’re in a difficult position. However, to say that you’ve contained the problem when you haven’t is putting our erroneous information and giving the public a false sense of confidence,” he said.
|This Week’s Mug Shots: 4/1/13||Pictures: Wizard World Comic Con||Check out your neighborhood!||Pictures: 2014 Calendar Girl Search||Pictures: No Pants MetroLink Ride|
Schnucks tells FOX 2 that is not the case. They still claim they have “contained the attack.” Schnucks says any card that might have been previously accessed by the cyber-attack is still subject to fraud.
They also claim the damage was fairly minimal, but we’re getting indications that thousands, maybe tens of thousands of customers, might have been hacked.
Schnucks has hired Virginia computer security firm Mandiant to investigate. Federal law enforcement officials say they have no idea how many Schnucks customers were hacked, because Mandiant and Schnucks haven’t told them yet.
As to whether customers might still be at risk? We’re still waiting to hear back from Schnucks.
Meanwhile, computer security expert Skip Foss says attacks like this against retail establishments are fairly rare and that this might be the first of a new generation of cyber attacks against retail chains.