Grocery Store Chain Tied To 400+ Credit Card Fraud Reports Since Jan. 18

Authorities say that the Basha's payment system was hacked.

Authorities say that the Basha’s payment system was hacked.

Customers of Arizona-based grocery store chain Basha’s should be checking their debit and credit card accounts. Authorities say that, just since Jan. 18, there have been more than 400 reported cases of fraudulent charges being made to accounts of people who had shopped at Basha’s.

According to, all of the victims in these cases had used their card at Basha’s or one of its associated store brands like AJ’s Fine Foods or Food City.

The Pinal County Sheriff’s Office believes that the company is the victim of an attack by hackers, who accessed the system used by Basha’s to capture payment information from debit/credit card users.

The company claims that the malware used in the attack has been contained and that all affected customers have been reimbursed. However, it is still suggesting that all customers check their card accounts for questionable transactions.

“Numerous investigators from various law enforcement agencies are working around the clock to find those responsible and put them behind bars,” said the Sheriff.

“Bashas’ is and has been compliant with all Payment Card Industry (PCI) security requirements,” said the company in a statement. “However, we recently located and removed a highly-sophisticated piece of malware that has never been seen before in the industry. The malware has been identified and contained, and we are working with forensic specialists and federal law enforcement officials in their investigation to find those responsible.

“We’ve also installed additional security measures (beyond what is required by the industry) to our point of sale and enterprise systems to further protect our customers’ information from such attacks in the future.”

Thanks to Sherri for the tip!

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.