Grocer Aldi discloses breach of payment terminals

Share this article:
Grocery chain Aldi is warning customers that their payment card information may have been stolen after fraudsters placed altered point-of-sale terminals at a number of Aldi stores in 11 states.

How many victims? Undisclosed.

What type of personal information? Names, card account numbers, PINs.

What happened? The altered payment terminals were placed between June 1 and Aug. 31 at stores in  Connecticut, Georgia, Illinois, Indiana, Maryland, New Jersey, New York, North Carolina, Pennsylvania, South Carolina and Virginia.

Details: An Aldi spokeswoman declined to say how many stores, payment card terminals or customers were affected by the breach. However, more than 200 people who had shopped at an Aldi store in Wheeling, Ill. told law enforcement that they discovered unauthorized withdrawals of $100 to $900 from their bank accounts, according to reports. And, police in St. Charles, Ill. have said they received 32 reports of debit card fraud from people who had shopped at Aldi.

The company said it does not believe that any employees were involved in the breach.

Quote: “We take our obligation to safeguard our customers' personal information very seriously and we sincerely regret that this incident may affect our customers,” Terry Pfortmiller, vice president of finance and administration at ALDI, said in a statement.

What was the response? The breach has been reported to federal authorities. The company said it is investigating and believes it has removed all affected machines from its stores. Additionally, new security measures have been implemented to prevent a similar incident from reoccurring.

Aldi has recommended customers review and monitor their payment card statements and credit reports. Those who believe they were affected by the breach should immediately contact their bank or payment card company and local law enforcement. Customers with questions are advised to call Aldi at (877) 412-7152 or visit

Sources: Associated Press, “Grocer Aldi says vandals compromised payments,” Oct. 1, 2010.
Aldi news release, “Aldi Notifies Customers of Tampered Payment Card Terminals,” Oct. 1, 2010.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Next Article in The Data Breach Blog

Sign up to our newsletters



More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.