Gulf of Maine Atlantic salmon is on sale through next Saturday for $7.99 a pound, Buttercup, butternut and acorn squash are all available at 49 cents a pound. Stew beef is $5.99 a pound.
Hannaford’s, one of the area’s largest supermarket chains, is back.
After a ten-day absence due to a massive cyberattack, the Hannaford flyer returned to cyberspace early Sunday morning. Flyer-using customers at close to 150 Hannaford stores in New England and New York State (where there are at least 42) can resume their normal grocery-shopping habits. Consumers will find out in coming days how the malicious software installed on Hannaford’s computers affected other computer-dependent services provided by the supermarket chain.
The powerful cybersecurity incident at the U.S. division of Dutch-owned retailer Ahold Delhaize is believed to have impacted operations at several other of its chains, including Stop & Shop, Food Lion and Food Giant. Serving 63 million customers each week, Ahold Delhaize USA is the largest grocery retail group on the East Coast and the fourth largest grocery retail group in the U.S.
“Sorry!” apologized the Hannaford website. “We’re having technical issues with our servers. We’re working as quickly as possible to restore service.”
Another breach over a decade ago, according to the U.S. Secret Service, had begun as one message sent to a Hannaford store, and then multiplied to other Hannaford locations. The malicious software picked up credit-card numbers and expiration dates sent between the store and the credit-card company. It periodically sent the collected numbers to an IP address overseas.
Hannaford’s website said the data “was illegally accessed from Hannaford’s computer systems during the card verification transmission process in transactions.”
Whether the 2024 breach has involved the same behavior and resulted in similar criminality has not yet been reported
Problems spread quickly
The parent company did start taking some systems offline to help protect them, however.
“Ahold Delhaize USA recently detected a cybersecurity issue within its U.S. network. Immediately upon detecting the issue, our security teams began an investigation with the assistance of external cybersecurity experts. We also notified law enforcement,” it said in a statement. “This issue and subsequent mitigating actions have affected certain Ahold Delhaize USA brands and services, including a number of pharmacies and certain e-commerce operations.”
Part of Ahold Delhaize USA’s IT problems, cyber experts explained, was that it kept all its eggs in one basket. It uses “an omnichannel customer-centric business model” to integrate all its channels. That’s one reason why its problems spread so quickly.
Insurance Journal reported on November 13 that the cyberattack had disrupted online shopping, product deliveries and pharmacy services at some locations. Some New England grocery managers told customers that the cybersecurity issue had impacted truck shipments and the stores were not receiving scheduled shipments. There were unverified press reports of empty boxes and cleared-out shelves, as well as widespread out-of-stocks in the fresh-food departments of some stores. At least one Massachusetts location of Stop & Shop had signs up on Monday that said the outage could lead to product delivery delays.
There is an option for shoppers have an option to save their payment information and medical data through the pharmacy. The company has not said whether customer data was at risk in connection with the unspecified cybersecurity problem, leaving people worried about the security of their information.
Many customers use coupons to save but can no longer access them through the app. “It is an issue because that’s usually how you save all the money at Hannaford,” one customer complained.
“I didn’t know anything until I walked in to try to get on to the app to see what kind of coupons or sales they were having, and I can’t get in,” another customer told a New England newspaper.
A company spokesperson said Instacart and DoorDash orders have also been impacted. Company officials said some store locations may not be able to accept digital payments for now.
The Hannaford Facebook page said the company was working to process refunds. Hannaford representatives would not comment on whether all those refunds have been processed.
High-pressure situations
The cybersecurity news site The Record said no hacking group has claimed credit for the attack. It also said supermarkets are “often brought down by ransomware gangs and cybercriminal groups eager to exploit the urgency of restoration efforts.”
“A major cybersecurity incident is an extremely high-pressure situation where rapid action is needed to control and mitigate the immediate effects,” security expert Marc Solomon of the firm ThreatQuotient said in August. “But once the dust has settled and the pressure has alleviated a little, what should organizations do to learn from the incident and improve their security posture for the future?”
The consequences of every cyberattack are different — and often unexpected. For the mid-Hudson region, the shutdown and restart sounded echoes of the February 2023 cyberattack on the computer systems of HealthAlliance Hospital in Kingston and Margaretville. On March 5 of that year, HealthAlliance said that due to the outage it was exploring options to be able once again to receive claims and pay its providers. It announced agreement with a new claims clearinghouse.
After the emergency had passed, it turned out that the main concern of many users of the hospital system’s services was “the potential unauthorized access to or the acquisition of their personal Information,” as a $1.29-million proposed class-action settlement approved in August of this year by a Westchester County court put it. Such information included patient names, addresses, Social Security information, financial information, information related to patients’ care, treatment, diagnosis, appointments, health insurance, billing information and/or other health-related records.
Join the family! 
