PORTLAND, Maine (4/3/09)--A U.S. District Court judge heard arguments Wednesday and said he would decide in a few days whether supermarket giant Hannaford Bros. is potentially liable for damages from a data breach that exposed more than four million credit and debit card numbers to hackers last year. Judge D. Brock Hornby's upcoming ruling will determine whether parts or all of the suit, which was filed against the Scarborough, Maine-based grocer last year, will go to trial. Attorneys for Hannaford asked the judge to dismiss the case, while attorneys for the plaintiffs asked the judge to certify the case as a class-action suit and let it proceed to trial (Portland Press Herald and Maine Sunday Telegram April 2). The case examines two central questions, which Hornby said are "fascinating and difficult issues": To what extent are merchants responsible for security the electronic data that gets processed with every card-based purchase, and what should the consequences be when the data are stolen? Between Dec. 7, 2007, and March 10, 2008, cyber criminals hacked into Hannaford's system and accessed card numbers used at 165 Hannaford supermarkets in the Northeast and 106 Sweetbay stores in Florida. Of the four million cards compromised, at least 1,800 numbers were stolen and used for unauthorized purposes. The breach was discovered Feb. 27, 2008, and Hannaford made the breach public March 17, 2008. Credit unions in New England, New York and Florida were among the financial institutions that re-issued cards for members whose accounts were compromised (News Now April 17, 2008). More than 20 lawsuits were filed after the breach. They were consolidated and assigned to the Maine court. Plaintiffs' attorneys seek damages for thousands time and money lost dealing with the theft, as well as damages because Hannaford allegedly knew about the breach at least three weeks before making a public announcement. The delay, said the attorneys, exposed consumers accounts to more fraud.