News Stay informed about the latest enterprise technology news and product updates.

Two men plead guilty in supermarket data security breach

Two Los Angeles area men plead guilty to using devices to bilk debit and credit card data from Stop & Shop supermarkets in Massachusetts and Rhode Island.

Two men have plead guilty and a third man is expected to plead guilty to stealing credit and debit card data using devices at Stop & Shop supermarket checkout counters. A case is pending against a fourth man in connection with the theft.

The men were from the Los Angeles area and arrested in February after a police investigation.

Arman Ter-Esayan and Gevork Baltadjian plead guilty to federal charges of aggravated identity theft and conspiracy to traffic in unauthorized access devices. A third suspect, Arutyun Shatarevyan has also agreed to plead guilty, according to an Associated Press report. The Rhode Island State Police published photos of the men allegedly entering the supermarket to retrieve the devices.

Data breaches, identity theft:
Data breach law could put financial burden on retailers: Legislation being considered in Massachusetts would shift the financial burden associated with a data breach onto retailers. It would be the first of its kind in the United States.

PCI compliance after the TJX data breach: The massive TJX data breach reinforced the need for stricter controls when handling credit card information. In this tip, Joel Dubin reexamines the need for the PCI Data Security Standard and advises how to ease the PCI compliance burden.

The men face a maximum sentence of five years for the conspiracy charges and identity theft carries up to two years in prison. Sentencing is set for Sept. 7.

Quincy, Massachusetts-based supermarket chain Stop & Shop acknowledged in February that thieves stole account and personal identification numbers from customers' credit and debit cards at two Rhode Island locations by tampering with checkout-lane computers.

Customer information was stolen from Stop & Shop stores in Coventry and in Cranston, and there's suspicion that stores in Bristol, Providence, Warwick, and Seekonk were affected, according to an announcement on its Web site. There's no evidence yet of fraudulent debit or credit card activity in connection with the security breach.

It is unclear how many customers were affected by the thefts and whether there has been any fraudulent activity connected to the stolen data.

Dig Deeper on Data security breaches

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.