Safeway Says No Payment Data Stolen From California Stores, Only Colorado

There’s potential good news out of Safeway: while the company confirmed that they found skimmers in credit card payment terminals in two states, a spokesperson says that the baddies didn’t harvest any customer data from the stores in California. Instead, the grocer found them back in September while inspecting terminals. While it’s good news that customers didn’t walk up to an ATM only to find their bank accounts drained, it’s still worrisome that someone was able to install the skimmers in the first place.

“It is important for customers to know that no credit or debit card data was compromised by the two skimmers,” a Safeway spokesperson told the San Jose Mercury News. “No skimmers have been discovered since that time.”

The company denies that skimmers were found in the California towns of Castro Valley and Menlo Park, which the blog Krebs on Security reported was one theory that security experts in banks had shared. The payment terminals that were compromised were in Dublin and Walnut Creek, and Safeway claims that no customer data was taken from those stores. If banks were following a scam trail that led to northern California, though, there may be something to that: the affected store could be a different one.

Safeway: Customers’ data not compromised by skimming attack at Bay Area stores [San Jose Mercury News]

by Laura Northrup via Consumerist