Owners of several grocery store chains are telling customers to consider paying by cash or check while investigators try to secure a computer network that was hacked over the past two months and may have impacted customers in parts of Idaho, Oregon, Montana and Washington.
URM Stores is a Spokane-based regional wholesaler that processes a large share of the electronic payments made by shoppers at Yoke’s, Rosauers, Super 1 Foods, Family Foods, CenterPlace Market, and Trading Co. Stores.
Ray Sprinkle, the CEO of URM Stores, announced Monday that law enforcement officials and a financial institution alerted the company that it was the target of a criminal cyber attack in late October. The attack was focused on its payment processing system, leaving credit and debit card financial transactions vulnerable to a data breach.
Customers entering the regional stores are being asked to pay with cash or check.
“We are highly recommending customers to be sure to monitor account statements for any unauthorized charges,” a customer service attendant told the Beacon.
URM Stores, which supplies food and services to smaller grocery stores and chains, has said it is continuing to search for the source of the data breach.
It’s uncertain if the breach occurred at the local store level or at some other point in the network, Sprinkle said.
“The majority of our stores are at risk,” Sprinkle said.
A large number of consumers who have found unauthorized purchases on their cards have been customers who made card purchases at the stores served by URM, officials said.
URM collects the electronic purchases at its member food stores then transmits the data to First Data Corp., a major processor of payments based in Atlanta.
First Data has said it also is investigating the rash of card fraud.