AB Acquisition LLC

The California Office of the Attorney General disclosed a **data breach notification** from **AB Acquisition LLC** on **September 29, 2014**, involving an **attempted criminal incident targeting payment card data** across multiple store locations. While the breach exposed potential vulnerabilities in the company’s payment systems, investigations could **not confirm whether any actual payment card data was stolen**. The incident raised concerns over the security of customer financial information, particularly in retail environments where transactional data is frequently processed. The breach highlighted risks associated with **criminal cyber intrusions** aimed at intercepting or exfiltrating sensitive payment details, though the lack of confirmed data theft suggested that preventive measures or early detection may have mitigated the full impact. However, the event still posed reputational risks, as public disclosure of such incidents can erode customer trust and prompt regulatory scrutiny. The company was required to notify affected parties and implement corrective actions to strengthen payment system defenses, including monitoring for fraudulent activity linked to the exposed cards. While no direct financial losses or large-scale fraud were reported, the breach underscored the persistent threat of **cybercriminals targeting retail payment infrastructures**, necessitating ongoing vigilance and investment in cybersecurity protocols to prevent future exploits.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-46749

TPRM report: https://www.rankiteo.com/company/albertsons

"id": "alb033090625",
"linkid": "albertsons",
"type": "Cyber Attack",
"date": "8/2014",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Retail',
                        'location': 'Multiple states (USA)',
                        'name': 'AB Acquisition LLC',
                        'type': 'Retail (Likely, given stores in multiple '
                                'states)'}],
 'data_breach': {'data_exfiltration': 'Unconfirmed (Attempted)',
                 'sensitivity_of_data': 'High (Payment Card Data)',
                 'type_of_data_compromised': 'Payment Card Data (Potential)'},
 'date_publicly_disclosed': '2014-09-29',
 'description': 'The California Office of the Attorney General reported a data '
                'breach notification from AB Acquisition LLC on September 29, '
                '2014, regarding an attempted criminal incident involving '
                'payment card data. The breach potentially affected stores in '
                'several states, but it has not been determined whether any '
                'payment card data was actually stolen.',
 'impact': {'data_compromised': 'Potential (Payment Card Data)',
            'identity_theft_risk': 'Potential (if payment card data was '
                                   'stolen)',
            'payment_information_risk': 'Potential'},
 'initial_access_broker': {'high_value_targets': 'Payment Card Data'},
 'investigation_status': 'Ongoing (as of 2014-09-29; no confirmation if data '
                         'was stolen)',
 'motivation': 'Criminal (Potential Theft of Payment Card Data)',
 'references': [{'date_accessed': '2014-09-29',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'response': {'communication_strategy': 'Public Disclosure (via California AG)',
              'law_enforcement_notified': 'Yes (California Office of the '
                                          'Attorney General)'},
 'title': 'Data Breach at AB Acquisition LLC Involving Payment Card Data',
 'type': 'Data Breach (Attempted)'}

AB Acquisition LLC

Kensington & Chelsea Council (and Westminster Council)

Crisis24

Royal Borough of Kensington and Chelsea (RBKC)