Breach, Threat Management, Data Security, Network Security

Maine’s Yellowfront Grocery hit by breach, other stores may be affected


Yellowfront Grocery in Damariscotta, Maine, notified its customers via Facebook that it had experienced a point-of-sale (POS) breach on Oct 23.

How many victims? Undetermined. But two banks have issued 3,000 replacement payment cards in response to the breach.

What type of information? Yellowfront Grocery store owner Jeff Pierce told that he is certain payment card numbers were compromised but is unsure if additional information was stolen. A CSTARS of Maine spokesperson told that only Track 2 data including card numbers and expiration dates were stolen and that no cardholder data was compromised. 

What happened? Pierce said an attacker stole the payment card data before it was encrypted by planting “RAM scraper” malware on the system of the store's POS software provider, CSTARS of Maine. He believes the attacker accessed his store's payment system by logging into it through CSTARS's compromised system. The CSTARS of Maine spokesperson said the attacker gained access through compromised LogMeIn credentials.

What was the response? Pierce said his store's systems are now secure and that he is working with the Secret Service and CSTARS of Maine to investigate the incident.

Details? Authorities believe that cards used at the store between August 11, 2015 to October 16, 2015 are at risk of being compromised. The local branch of First Bancorp and Damariscotta Bank & Trust are replacing nearly 2,000 cards and 1,000 cards, respectively, in relation to the breach. Pierce said he's heard some reports of fraud.

Quote? “Even if your card hasn't been compromised I'd recommend you get a new card if it was used at the store between Aug. 11 and Oct. 15,Pierce said.

Source: Yellowfront Grocery owner Jeff Pierce, CSTARS of Maine, WCSH6 

UPDATE: This story has been updated to include comments from CSTARS of Maine.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.