The Washington PostDemocracy Dies in Darkness

Publix is looking for a crisis PR agency — just in case it gets hacked

A Publix supermarket in Zephyrhills, Fla. (AP/Scott Iskowitz)

Security experts warn that we've haven't seen the last of large-scale data breaches, such as those recently discovered at Home Depot and JPMorgan Chase.

Now Publix, the supermarket mega-chain with more than 1,000 stores nationwide, is taking an unusual step to prepare for the possibility that hackers might wage an attack on its systems. The company is seeking the services of a public relations company that could help it with crisis management in the event of a data breach.

Publix says this is a purely precautionary measure and that it has no evidence to suggest it has been a victim of a cyber intrusion.

"This is one of those things we all take very seriously as an industry," said Maria Brous, Publix's director of media and community relations. "We have to be just as serious about the public relations aspect as about the security aspect."

The company is seeking a consultant who could potentially help with all forms of communications about a breach, including communication with customers, employees, credit card companies and banks. Brous said Publix is being proactive about lining up these services because "it takes time to build a relationship with a PR firm." By preemptively refining a plan of action, Publix hopes to be better equipped to weather a breach if one occurs.

Publix's strategy is an example of how acutely focused retailers are on making sure a breach doesn't become a drag on their business.  While Home Depot and JPMorgan Chase don't appear to be facing much consumer backlash since their recent cyberattacks, retailers surely remember the wounds that Target suffered after its massive holiday season breach in 2013.  Target's sales slipped, and the company has said the breach has so far cost it $146 million.

Merchants have also been taking steps to improve their technology to better protect against data breaches. Visa and MasterCard have pledged that by October 2015, they will have a completed a switch to credit and debit cards that use chip and PIN" technology.  "Chip and PIN" is considered to be safer than the magnetic strip cards that are widely used in the United States today. Retailers, meanwhile, are scrambling to make expensive upgrades to their point-of-sale systems and their payment systems to accommodate chip and PIN cards.

With these steps, retailers hope they can better gird themselves against these increasingly common and potentially devastating attacks.