I have been tracking the Hannaford data breach from quite sometime now, have been many revelations. But now there is a new turn in the case, it seems like the data theft was result of an insider breach. It is quite strange because all of a sudden if you say it was insider breach when the world already knows what had happened ?
This reason they are pushing to show it a insider breach is so that their PCI and all those compliance stay in place, their reputation is already gone but atleast they don´t loose the license to do business.
Let us see how the final report turns up but I am sure the CSO is trying to save his ass due to the blunders they did and ofcourse justify the IT Security expenses he made during his tenure.