SUPERVALU Discovers Malware On Some Of Its Point Of Sale Systems; Enhanced Protective Technology Believed To Have Significantly Limited The Risk Of Data Theft

SUPERVALU INC.

previously announced, on August 14, 2014, that it had experienced a criminal intrusion into the portion of its computer network that processes payment card transactions at some of its retail food stores, including some of its associated stand-alone liquor stores (but not including its Save-A-Lot stores). The Company further announced at that time that, by means of the criminal intrusion, some types of cardholder data may have been stolen from payment cards used at the stores in question during a period that began no earlier than June 22, 2014 and ended no later than July 17, 2014. While the investigation of that incident remains ongoing, the Company still has not determined that any of such cardholder data was in fact stolen by the intruder during that incident. The Company has recently discovered that, in what it believes to have been late August or early September 2014, an intruder installed different malware into the portion of its computer network that processes payment card transactions at some of its Shop 'n Save, Shoppers Food & Pharmacy and Cub Foods owned and franchised stores, including some of its associated stand-alone liquor stores. The Company believes this was a separate intrusion from the one announced on August 14. Upon recognition of this intrusion, the Company took immediate steps to secure the affected part of its network and believes it has eradicated the malware. An investigation of this recently discovered incident is underway. Importantly, the Company believes that its enhanced protective technology significantly limited this recently discovered malware's ability to capture data from payment cards where the malware was installed. Specifically, although the investigation is ongoing, SUPERVALU believes that this malware did not succeed in capturing data from any payment cards used at any stores other than at some checkout lanes at four Cub Foods franchised stores that are discussed below. Even as to the checkout lanes at these four stores, the Company has made no determination that any cardholder data was in fact stolen by the intruder. Moreover, although the investigation is ongoing, the Company believes this recently discovered malware was not installed at, and did not affect, any of its Farm Fresh or Hornbacher's stores, any of its owned or licensed Save-A-Lot stores or any of the independent grocery stores supplied by the Company through its Independent Business network (other than the affected Cub Foods franchised stores). The Company promptly notified federal law enforcement authorities of this criminal incident and is cooperating in their efforts to investigate the matter and identify those responsible. This press release has not been delayed as a result of law enforcement investigation. SUPERVALU has also notified the major payment card brands of this incident. “We care greatly about our customers, and the safety of their personal information will continue to be a top priority for us,” said President and CEO Sam Duncan. “We've taken measures to install enhanced protective technology that we believe significantly limited the ability of this malware to capture payment card data and we will continue to make these investments going forward.” SUPERVALU continues to take actions to implement further security enhancements and the Company is committed to continuing to improve its information security safeguards to protect its stores against these types of attacks. Although the investigation is ongoing, SUPERVALU believes that the recently discovered malware potentially captured data from payment cards used at some checkout lanes in four franchised Cub Foods stores in Hastings, Shakopee, Roseville (Har Mar) and White Bear Lake, Minnesota, where implementation of the enhanced protective technology had not yet been completed. For these four stores, SUPERVALU believes that the malware may have been successful in capturing account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder's name, from payment cards used at some checkout lanes during the period of August 27 (at the earliest) through September 21 (at the latest), 2014; however, the Company has made no determination that any cardholder data was in fact stolen by the intruder. Given the continuing nature of the investigation, it is possible that time frames, locations, at-risk data, and/or other facts in addition to those described above will be identified in the future. Although SUPERVALU has not determined that any cardholder data was in fact stolen by the intruder at the four franchised Cub Foods stores in Hastings, Shakopee, Roseville (Har Mar) and White Bear Lake, MN, the Company is offering customers who used their payment cards at those four stores during the relevant time period 12 months of complimentary consumer identity protection services through AllClear ID. SUPERVALU has established a call center to answer customer questions about the intrusions and the identity protection services being offered. This call center will be staffed Monday through Saturday from 8 a.m. to 8 p.m. Central time and can be reached at (855) 731-6018. Customers can also visit www.supervalu.com under the Consumer Security Advisory section for additional information about this intrusion and the intrusion announced on August 14 and the complimentary consumer identity protection services being offered through AllClear ID. Customers are not responsible for counterfeit fraudulent charges on their credit cards or debit cards that are timely reported. Accordingly, if customers become aware of such activity, they should contact their issuing bank immediately. Below is a “Consumer Identity Protection Reference Guide” that details the steps customers can take to protect their information against potential misuse, including the option to place a fraud alert or a security freeze on their credit file. SUPERVALU urges customers to be vigilant and closely review or monitor their bank and credit card statements, credit reports and other financial information for any evidence of identity theft or other unusual activity. The Company reminds its customers that under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit bureaus. To obtain a free credit report, customers should visit www.annualcreditreport.com or call, toll free, (877) 322-8228. Some stores owned and operated by Albertson's LLC and New Albertson's, Inc. experienced a related criminal intrusion, also in what is believed to have been late August or early September 2014. For more information about the intrusion affecting Albertson's LLC and New Albertson's, Inc. stores, please visit albertsons.com, acmemarkets.com, jewelosco.com, or shaws.com. SUPERVALU provides information technology services to these Albertson's LLC and New Albertson's, Inc. stores pursuant to transition services agreements, and we have been working together to respond to the newly discovered intrusion into their stores. SUPERVALU believes that any losses incurred by Albertson's LLC or New Albertson's, Inc. as a result of the intrusions affecting their stores would not be SUPERVALU's responsibility. SUPERVALU continues to maintain insurance for cyber threats, which it believes should mitigate the financial effect on SUPERVALU of these and the previously announced intrusions, including claims made or that might be made against the Company based on these intrusions. Based on currently available information, SUPERVALU management does not believe that the ultimate outcome of these intrusions, including any related lawsuits, claims or other proceedings that have been or might be initiated against the Company, will have a material adverse impact on the Company's consolidated results of operations, cash flows or financial position. In the event the Company learns additional information or makes further findings regarding the intrusions that it believes are material to SUPERVALU and its stockholders, SUPERVALU will update its disclosures accordingly.