High-tech thieves were able to penetrate what experts called an especially secure computer network when they stole 4.2 million credit and debit card numbers from the Hannaford and Sweetbay grocery chains. Unlike stores that send data over wireless networks, the supermarkets used a theoretically less porous fiber-optic cable.
But malicious software installed on store computers poached the sensitive data, funneling it to an ISP outside the US; the Wall Street Journal reports that at least 1,800 cases of fraud have ensued. Debit card PIN numbers are likely safe, but the Northeast and Florida chains sent much of the credit card info to their servers unencrypted. "More than 90% of retailers can't encrypt," one security expert says. (Read more fraud stories.)