PORTLAND, Maine — Hannaford Supermarkets' website is back online after more than a week of being down. But, there are still a lot of questions about whether there was a cyber hack and whether customer information has been compromised.
The store first reported a "network issue" on Nov. 7, and pharmacies seemed to be the first departments to show signs of trouble. Many customers were unable to fill prescriptions due to the disruption.
“They couldn’t fill it because they didn’t have internet to look up the prescription,” said one Bangor customer.
By the next day, Hannaford announced that most pharmacies were operational again, but its website and the Hannaford To Go online ordering system remained down.
Despite multiple inquiries from NEWS CENTER Maine, Hannaford did not provide specific details about the issue or the status of customer data security. Hannaford's parent company, Ahold Delhaize, confirmed that the disruption stemmed from a cybersecurity issue impacting its U.S. network but declined to elaborate further.
After being offline for 12 days, the company confirmed on November 18 that its website and To Go ordering system had returned to normal operations. Officials still didn't go into detail about the cause of the outage or whether a potential data breach occurred.
Hannaford spokesperson Ericka Dodge did address the customer concerns, stating, “We understand that our customers have questions about the cybersecurity issue. Because an investigation is ongoing, we're not able to share additional details at this time....We deeply value the relationship with our customers and appreciate their patience.”
However, some customers remain uneasy, particularly those who saved credit card and personal information in the Hannaford app.
Dr. Lori Sussman, a cybersecurity expert and professor, said these concerns are valid.
“If somebody has your name, your address, your phone number, they can do some damage with that little amount of identity information,” Dr. Sussman explained.
She advised customers to act quickly in the wake of a potential data breach:
- Delete saved personal or payment information from the company’s accounts
- Order a replacement credit or debit card if payment information was stored
- Avoid saving sensitive data on websites or apps to minimize risk
“It may be a hassle, but at the same time, it may save you thousands of dollars,” Sussman said.
Specifically with the holidays coming up, she believes the risk isn't going away anytime soon.
"Hackers are really good at figuring out what's going on in the world and then exploiting it, so they're going to exploit our happy holidays unfortunately," Sussman said.
Sussman also said there is a system known as a password manager that can save your information and insert it into websites when you want to check out, rather than letting the sites hold onto it. She recommends using that when shopping online.
