Bloomingfoods found a credit card skimming device attached to Register 3 inside the east location near College Mall on July 12, according to a statement sent to the IDS.
The device was an illegal attachment to the payment terminal to take data from debit and credit cards inserted or swiped through the device. Contactless payments likely would not have been affected.
The device was immediately removed, but after reviewing security footage, the staff discovered the device was placed on June 28.
Bloomingfoods said in a statement to the IDS there have been no confirmed customer data breaches, but users of register 3 between June 28 and July 12 should assume their data has been compromised. Register 3 is the closest to the exit door and one register away from the bathrooms. To confirm, the top of a receipt stating “Your cashier is Floater 3” would indicate an affected transaction.
The Bloomingfoods staff has increased terminal inspections to multiple times a day since the incident. The store also upgraded hardware and security, enhanced surveillance and monitoring, updated staff training to detect tampering, reviewed Payment Card Industry security standards and continued following state and federal data protection laws.
Bloomington Police Department is working with the Secret Service to determine what data, if any, the device captured. Bloomingfoods verified three individuals were involved with placing the device, but they were not employees. The investigation is still active.
If you are an affected shopper, monitor your accounts and report any suspicious activity to your card issuer. Bloomingfoods will continue to provide updates on its website.
