Bashas' Inc. Data Breach (2013)

Bashas’ here said Tuesday that it was the victim of a cyber-attack through which the perpetrators appear to have gained access to customers’ payment-card information. “Bashas' is and has been compliant with all Payment Card Industry [PCI] security requirements,” the company said in a statement. “However, we recently located and removed a highly sophisticated piece of malware that has never been seen before in the industry. The malware has been identified and contained, and we are working with forensic specialists and federal law enforcement officials in their investigation to find those responsible.” A spokeswoman for Bashas’ told SN that the company had been contacted by customers “in some counties” who noticed suspicious activity on their payment-card accounts, which prompted it to investigate.