Safeway investigates security after bogus emails

Red-faced Safeway apologises to customers after bogus email

High street supermarket Safeway is investigating a possible online security breach after hundreds of customers were sent hoax emails apparently from its computer system.

The emails contained false details of price increases at Safeway stores. They told shoppers to go elsewhere if they didn't like the rises.

According to a Safeway spokeswoman, the email hoax was sent out on Friday to "less than three thousand" of the company's Internet customers.

Safeway's Web site is not a shopping service and does not store customer's credit card details. The company has apologised by email to affected customers.

A Safeway spokeswoman confirmed that an investigation into the hoax is ongoing and the possibility that a hacker infiltrated its systems has not been ruled out.

"We're obviously taking this seriously, but the majority of our customers knew that it was a hoax," says the spokeswoman. "We are doing everything we can to get to the bottom of the situation."

According to John Everitt, a consultant with Firetrench Security, it is not especially difficult to disguise the origins of an email message.

Last Friday, UK retailer Woolworths inadvertently exposed customers' credit card numbers on its site and two weeks ago Barclays bank experienced technical problems that allowed customer accounts to be compromised online.

Take me to the ZDNet Online Security roundup

What do you think? Tell the Mailroom. And read what others have said.