Cyber attack that included two local groceries blocked, company says


Customers can safely swipe their cards at URM stores now that a cyber attack on the payment processing system has been blocked.

United Retail Merchants said Monday it had resumed use of credit, debit, EBT and gift cards at all of its member stores. That includes Super 1 Foods on Ninth Avenue and Walla Walla’s Harvest Foods on Second Avenue.

The company has implemented enhanced security measures to block the attack, according to an announcement.

Any card used before the attack was blocked — with the exception of separate stand-beside transactions — could have been accessed and may still be used to make fraudulent purchases, the company warned.

Those who used their cards in a store between Nov. 25 and Dec. 2 should continue to monitor their accounts for unauthorized charges and report those to the issuer of the card.

“We are incredibly grateful to our customers for their patience and understanding,” said URM Chief Executive Officer Ray Sprinkle in a prepared statement. “We are humbled by their support and continue to extend our sincere apologies for the frustration and inconvenience caused by this incident.”

Among those affected locally were about 2,400 Baker Boyer Bank customers, the Walla Walla institution reported.

The company has made “significant progress” reissuing cards for those customers, the company said this morning. Baker Boyer was notified about the compromised debit and credit card numbers last Friday.

In a move to protect customer security, management made the decision to block and reissue new cards to those affected. All other checking services are functioning normally, including check processing and online transactions.

“Unfortunately, online thieves are always going to be looking for new ways to get information,” said Baker Boyer incoming President Mark Kajita in a prepared statement. “We are continually investing in the most current technology to protect client information and minimize the impact on them in the process. But when we do identify risks to accounts, we take proactive action.”

The URM security breach compromised names and card numbers, but not addresses, dates of birth or Social Security numbers, the bank said.

“Because we are an independent community bank with all of our operations located here, we have also been working closely with retail merchants to mutually resolve problems,” said Chief Executive Officer Megan Clubb. “In some cases, the alert about the card being blocked led some merchants to mistakenly question whether checks from customers should be accepted. Checks continue to be a secure form of transacting business.”

Clubb said anyone who encounters a problem should immediately contact their branch or call customer service at 525-2000 or 800-234-7923. Updates will also be posted at

URM is a more than 90-year-old, Spokane-based wholesale cooperative of retail grocers.

The company is working with a security firm, its payment processor and the credit card companies to try to identify cards that may have been affected. It will also focus now on identifying which stores were affected and for how long. The hope is to alert companies that issued cards that they might be at risk so they can boost their monitoring or cancel and reissue the cards. URM is additionally working with law enforcement to find those responsible for the attacks.

Customers were advised last week to use cash or check to pay for their groceries. Another option was to use a slower dial-up connection to make card payments.

A dedicated call center remains open for customers with questions. Calls can be made to 877-237-7408 from 9 a.m. to 7 p.m. Monday through Friday, and 10 a.m. to 2 p.m. Saturday. Updated information is also posted at under the “credit/debit card announcements.”


Log in to comment