Article

Two men plead guilty in supermarket data security breach

SearchSecurity.com Staff

Two men have plead guilty and a third man is expected to plead guilty to stealing credit and debit card data using devices at Stop & Shop supermarket checkout counters. A case is pending against a fourth man in connection with the theft.

The men were from the Los Angeles area and arrested in February after a police investigation.

Arman Ter-Esayan and Gevork Baltadjian plead guilty to federal charges of aggravated identity theft and conspiracy to traffic in unauthorized access devices. A third suspect, Arutyun Shatarevyan has also agreed to plead guilty, according to an Associated Press report. The

    Requires Free Membership to View

Rhode Island State Police published photos of the men allegedly entering the supermarket to retrieve the devices.

Data breaches, identity theft:
Data breach law could put financial burden on retailers: Legislation being considered in Massachusetts would shift the financial burden associated with a data breach onto retailers. It would be the first of its kind in the United States.

PCI compliance after the TJX data breach: The massive TJX data breach reinforced the need for stricter controls when handling credit card information. In this tip, Joel Dubin reexamines the need for the PCI Data Security Standard and advises how to ease the PCI compliance burden.

The men face a maximum sentence of five years for the conspiracy charges and identity theft carries up to two years in prison. Sentencing is set for Sept. 7.

Quincy, Massachusetts-based supermarket chain Stop & Shop acknowledged in February that thieves stole account and personal identification numbers from customers' credit and debit cards at two Rhode Island locations by tampering with checkout-lane computers.

Customer information was stolen from Stop & Shop stores in Coventry and in Cranston, and there's suspicion that stores in Bristol, Providence, Warwick, and Seekonk were affected, according to an announcement on its Web site. There's no evidence yet of fraudulent debit or credit card activity in connection with the security breach.

It is unclear how many customers were affected by the thefts and whether there has been any fraudulent activity connected to the stolen data.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: