BOSTON and SCARSBOROUGH, Maine (3/24/08)--Hannaford Bros., the Maine-based grocery store chain that announced a data breach last week, has posted a list of 24 other, independent groceries affected by the breach. The grocers are located in Maine, New Hampshire and New York. They include several Shop 'N Save and Paradis stores and others. (For a full list, use the resource link.) They are in addition to the 165 Hannaford Bros. stores in several New England states and 106 Sweetbay stores in Florida affected when the company announced the breach last week. Maine's credit unions and banks will feel the brunt of the attack, which the Maine Credit Union League has called more significant to Maine's credit unions than last year's TJX Cos. discount store breach. Jon Paradise, governmental and public affairs manager at the league, told media that just about everyone in Maine probably bought groceries in the time period of the breach--from Dec. 7 to March 10, so the pool of users in the state affected would be much larger. "We're still trying to get our arms around it and figure out what the whole scope of it is," he told Associated Press (via Business Week March 21). Already, the 68 credit unions are reissuing more than 100,000 credit and debit cards to try to limit the amount of fraud. Hannaford says that about 4.2 million card numbers are compromised. Security specialists are calling the breach the first-of-its-kind crime, because the credit and debit card numbers were stolen while in transit when a consumer swiped their card at a purchase, rather than from a database with stored information. (Mainebiz March 21). The new information prompted the Massachusetts Attorney General's office Friday to "strongly urge" Hannaford customers to "take precautionary steps" and contact the fraud departments of their card issuers, review their account statements and cancel the card if they find evidence of fraud. "We now believe that any consumer who made any purchase with either a credit or debit card at a Hannaford Brothers Supermarket between Dec. 7, 2007, to March 10, 2008, should assume that their credit or debit card numbers have been compromised," said Attorney General Martha Coakley. Two lawsuits already have been filed in the breach (News Now 3/21/08).