Ralphs Customer Data Stolen by Hackers

These days most people have frequent shopper or loyalty reward cards from grocery stores, drug stores and other large retailers. Ralphs, a large Southern California grocery chain and unit of American mega-grocer Kroger, announced Friday April 1st, their database of customer information had been compromised and the names and email addresses of those customers were stolen. This was not an April's Fools joke. This is the data provided willingly by Ralphs customers (including myself) to the company, in order to receive discounts. In today's difficult economy, these cards are almost mandatory to pay the lowest price possible on food, groceries and other items.

In addition to the personal data, the cards log and track every purchase made, to market related items to the consumer in the future and to sell and trade that purchase data with their suppliers, advertisers and related companies. Ralph's claims only the names and email addresses were compromised, but one can assume the purchase data would be stored in the same place, connected with those names and email addresses.

Ralphs has been proactive in addressing the issue and should be recognized for that. They must also be recognized and criticized for having a system obviously vulnerable to attack. In what I think is a good move to directly address the issue, there is a prominent link on the ralphs.com website advising customers of the breach and directing them to an information page. The information page describes the breach, what was compromised and how it may affect customers. They claim only the names and email addresses were accessed and that it may result in SPAM, if that data is used. Some customers have a Ralphs credit card connected to their loyalty card, Ralphs claims this data was not compromised, only the names and email addresses.

Ralphs is apologetic, but offers no compensation to its customers.

These programs are a bad deal overall for customers but the stores almost require their use by offering substantial discounts on so many items only available with their use. I feel the data provided is just too personal and linked with your name. Now they have a computer record of everything you purchase. Including medical items, rodent traps, pest control products, alcohol, everything. What if your health insurer could access your food purchases and base your rates on the amount of healthy food you buy?

There is also the complicated privacy policies of these companies, which in most cases allow them to share your personal information and shopping habits with other companies. For example, this is why you may receive a coupon in the mail for Brand A diapers, if you have bought Brand B. Ralphs has made your information available to Brand A, offering them the opportunity to pay Ralphs money to send you that coupon, knowing you are a diaper buyer.

There are some solutions I can offer readers, solutions to the problem of needing a loyalty card for the discounts, yet not wanting to provide personal information. Many stores offer the cards without providing information, sometimes you must ask for a manager. Many applications will have a tiny box and text, allowing you to opt out of even providing the info, some states now require this. There is no requirement to provide your real information, I simply use John Smith, 1234 Main Street, Anytown, USA for all these cards. I have a loyalty card from Ralphs, RiteAid even Pep Boys. Yes, I may miss out on email or mailed coupons, but I know my personal information is secure.

KTLA News "Ralphs Database Breach: Ralphs Database Hacked, Shoppers Information Compromised" from KTLA.com

More from this contributor:

"How I Saved Money Buying A Car"

"How To Get Better Results From Ebay"

"The Impact of the US Interest Rate on this Retired Homebuyer"