Retailer releases names of stores hit in fall credit breach
LAKE COUNTY – Pablo Family Foods and Blacktail Grocery were the only Lake County stores affected by a credit data breach that occurred sometime between Sept. 1, 2013 and Nov. 24, 2013.
The credit breach was part of a larger scheme that impacted more than 70 stores in Washington, Montana, Oregon, and Idaho that use Spokane-based URM Stores as a supplier. Once the attack was discovered, many local stores and banks put up notices and advertisements that warned against using cards until authorities were certain it was over.
After investigation, URM determined only some data ended up in the hands of fraudsters.
“For most of the transactions, we believe that the attacker could only access ‘track 2’ data – information on the cards’ magnetic stripe that contains only the card account number, expiration date, and card verification number,” URM Stores, Inc. CEO Ray Sprinkle said in a press release. “For a small number of transactions, the attacker may have had access to ‘track 1’ data, which contains the same data as ‘track 2’ plus the cardholder’s name.”
URM does not believe customer addresses, phone numbers or Social Security numbers were compromised.
“As our investigation closes, we do not have sufficient information to identify which specific cards or data track from the cards were actually taken,” Sprinkle said in the release. “We will be sending a letter or e-mail message to a small group of individuals where we believe track 1 data from their card was at risk and a member store could match the card holder’s name to a mailing or e-mail address on file.”
People who shopped at the stores during the attack should continue to be vigilant, the release said. Fraudulent charges should be reported immediately to the bank. Customers are not liable for fraudulent charges.
To view the complete list of stores affected by the attack visit: http://www.urmstores.com/html/URM%20-%20Payment%20Card%20Announcement%201-30-14.pdf.