International grocery chain ALDI has issued a warning that customers in 11 states could have had their credit card data stolen by modified payment terminals. According to some reports, the hardware were apparently installed between the beginning of June and August 31 this year, and as many as 1,000 shoppers were reported to have faced fraudulent charges so far.

What is staggering is the geographical breadth of the affected areas, which ranges from New York to Illinois. In total, the residents of up to 11 states are affected, though the attacks were limited to specific instances. Since it would have been necessary for the perpetrators to travel to each store, this serves to belie the sheer scope of the operation. In a press release, ALDI says it immediately reported the crime to federal law enforcement authorities upon discovering it, and no ALDI employees were believed to be involved at this point.

For now, the company says it believes that all the rogue terminals have been replaced.

For more on this story:
- check out this press release
- check out this article at Softpedia
- check out this article at The Register

Related Articles:
Defcon contest targeting corporations concerns FBI
Burglars select their targets based on Facebook updates; Facebook denies link
Keys to the Boston Celtics' information security
2010: A good time to start an IT security career
Financial firms seek outside security pros