Well, this is just great!

Hannaford Bros. supermarket chain yesterday said a breach of its computer system potentially exposed 4.2 million credit and debit card numbers and has led to about 1,800 fraud cases to date.

The data breach affected customer cards used at more than 270 stores in states including Maine, Massachusetts, New Hampshire, New York, and Vermont, Hannaford said, and lasted from December until early March.

FROM DECEMBER UNTIL MARCH!!!!!!

And it's now, what, April? At least my bank in Georgia called me last night. Perhaps I shouldn't have yelled!

Hannaford, based in Scarborough, Maine, said compromised cards were used in transactions at all 165 stores it operates, plus transactions at 106 Sweetbay stores in Florida and 23 independently run stores that use Hannaford operating systems. Hannaford Bros. is owned by Belgium's Delhaize Group.

See, that's what you get from any monopoly situation, whether its a mono-culture or a grocery chain. And damage is sure to exceed whatever benefit was realized. Aside from the fact that damage is likely to be suffered by some entity that never benefited at all--like four million card holders who now have to spend hours and hours to make adjustments to their other merchant accounts.

Maine is among the majority of states that have passed laws requiring companies to notify consumers when data is lost or stolen, but Eleazer said Hannaford wasn't legally required to disclose the breach and only chose to do so yesterday once it had gathered enough information to be helpful to consumers. It is encouraging shoppers to monitor all payment card statements and to contact their card issuers or banks if questionable charges appear.

Banks have previously complained that Visa and MasterCard system rules put too many of the costs of dealing with data breaches on financial institutions. Yesterday, before Hannaford's disclosure, the Massachusetts Bankers Association said in a statement that up to 70 banks in Massachusetts had been warned by MasterCard and Visa of a data breach at a major retailer between Dec. 7 and March 10, but that the credit card firms had not named the retailer. Not long afterward, Hannaford came forward. A representative for Visa said executives wouldn't comment. A MasterCard spokesman didn't respond to questions.

The last time this happened in our area, it was because the Boston Globe used paper with account data on it to wrap the bundles of papers it drops off at convenience stores. Who's going to lodge a complaint on behalf of consumers who have to make adjustments to their accounts and then can't be sure that their communications are secure. With the N.S.A. setting up taps willy-nilly, who knows where the information is leaking out?