Credit Unions Say Debit-Card Fraud May Be Linked to Wholesale Grocer’s Stores

Credit unions in eastern Washington, Idaho and Montana are being urged to watch for unauthorized debit- and credit-card transactions this week as the U.S. Secret Service continues to investigate a rash of fraud cases that may be linked to a local grocery wholesaler.

URM Stores Inc., which operates Rosauers, Yoke’s Fresh Market, Super1 Foods, Trading Co. Stores, CenterPlace Market, Harvest Foods and Family Foods, said in an online statement Monday that it is reviewing its data systems after several of its locations were identified as “common points of purchase” for cards used in fraudulent transactions.

“We are working with member-owners, forensic investigators, bankcard associations, transaction processors and law enforcement officials in an effort to determine whether there has been any unauthorized disclosure of payment card information,” URM chief executive Ray Sprinkle said. “At this time, we cannot confirm any unauthorized disclosures.”

The Secret Service launched its investigation after customers at more than a dozen Northwest banks and credit unions reported fraud cases. Those cases have now stretched over at least a three-week period, but the source of the breach and the total number of people affected has not been determined, the Secret Service told The Spokesman-Review newspaper.

However, several area credit unions say the “common points of purchase” they have identified — the locations where two or more compromised cards have been used — point to grocery stores affiliated with URM.

“We have felt since the first reported fraud at the beginning of November that it was Yoke’s,” Camelia Uhling, president and CEO of Monad Federal Credit Union in Pasco, told the Northwest Credit Union Association. “We reviewed the transactions of members who had actual fraud transactions post to their accounts, and most had debit-card transactions at Yoke’s. We feel confident that this is where the breach occurred, even though our debit-card provider has said there is no common point of purchase that they can identify.”

Bill Roberts, president and CEO of Northland Credit Union in Spokane, said almost all of the fraud reported to his credit union also has involved transactions at Yoke’s Fresh Market, and that all of those transactions occurred over the weekend of Sept. 6-9. As a result, Roberts said, Northland has closed and reissued about 250 debit cards for accounts with transactions at the grocery store.

“We have not had any more fraud since last Thursday,” Roberts said, “but we are waiting to see if any more cases happen.” He estimated Northland’s losses so far at $7,000, not including the cost of reissuing cards.

In north Spokane, CEO Mark Smith said that 20 of the 300 cardholders at Sears Spokane Employees’ Federal Credit Union have reported fraudulent charges against their cards “in a very short timeframe,” and that he also has narrowed the source of the breach to transactions processed by URM.

“We’re ratcheting down on all of our cards,” Smith said, “limiting daily transaction amounts and completely blocking transactions in some countries, like Saudi Arabia (where fraudulent purchases have been reported).”

Monad Federal has already replaced 200 debit cards, Uhling said, either because of reported fraud or because its card provider has told the credit union that it suspects accounts have been compromised. One member actually had to have a second card replaced when it, too, was compromised after just two transactions, Uhling said, including one at a URM-affiliated store.

So far, Uhling estimates Monad Federal’s losses at $1,500-$2,000.

About 15 cardholders at Spokane Media Federal Credit Union have reported illegal purchases in the past few weeks — more fraud than CEO Debie Keesee said she normally sees in a year. Keesee said Spokane Media is “being very proactive,” replacing roughly half of the cards it has issued.

“We can pay the cost of reissuing cards, or we can pay for the fraud,” Keesee said. “And we can’t afford to have any more fraud” because cardholders generally are reimbursed for fraudulent amounts charged against them.

WSECU also is taking a proactive approach. The Olympia-based credit union said Wednesday that it will reissue several thousand Spokane-area members’ debit and credit cards. Letters notifying affected members are being sent this week; new cards will start arriving Nov. 23 and continue through the week of Nov. 25-29.

WSECU said it would not deactivate old cards until after the Thanksgiving weekend to avoid disrupting holiday shopping, but it urged members in the Spokane area to monitor their accounts and notify the credit union immediately if suspicious transactions are posted.

Most of the reported fraudulent purchases involve signature transactions with debit cards that contain the original card numbers and the cardholder’s name. But in his online statement Monday, URM’s Sprinkle said the company has been unable to confirm “any unauthorized disclosure of payment card information.”

URM operates both a wholesale grocery distribution service to area grocery stores and a computer network that delivers purchase data at those stores to a global card transaction company, First Data.

“Out of an abundance of caution, in the absence of conclusive evidence that any card numbers have been compromised, we are informing you of our investigation,” Sprinkle said. He urged consumers to monitor their credit-card statements for evidence of fraud, and to report suspicious activity to their financial institution promptly.

At the same time, the Northwest Credit Union Association urged its members in two fraud alerts this week to work with their card provider to determine which of their members’ card information may have been compromised and the steps being taken to mitigate the situation.

Once credit unions have determined which of their members may have been compromised, they should follow their procedures for reported unauthorized transactions and take steps such as replacing the compromised cards, the NWCUA said.

“Fraud losses can be a very large issue for our member credit unions,” said David Curtis, the NWCUA’s director of compliance services, who is monitoring the investigation for the Association. “We need to stay vigilant for potential fraudulent situations.”

 

Questions? Contact Gary Stein: 503.350.2216, gstein@nwcua.org.

Posted in Article Post.