Albertsons 2016 Annual Report Download - page 20

Download and view the complete annual report

Please find page 20 of the 2016 Albertsons annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 125

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125

18
Some stores owned and operated by Albertson’s LLC and NAI experienced related criminal intrusions. The Company provides
information technology services to these Albertson’s LLC and NAI stores pursuant to the TSA, and the Company has been
working together with Albertson’s LLC and NAI to respond to the intrusion into their stores. While the Company believes that
any losses incurred by Albertson’s LLC or NAI as a result of the intrusion affecting their stores would not be the Company’s
responsibility, the Company could face claims by Albertson’s LLC and NAI related to the intrusions, or other third parties
seeking to hold the Company responsible for the intrusions into the stores of Albertson’s LLC and NAI. The Company also
cannot be certain whether the intrusions could adversely affect the Company’s relationships with Albertson’s LLC and NAI.
The Company is currently subject to private litigation and claims relating to the intrusions, and an inquiry from a multistate
group of Attorneys General. In the future the Company may be subject to additional litigation and claims and to governmental
investigations or proceedings relating to one or both of the intrusions. The Company’s financial liability arising from such
litigation, claims, investigations or proceedings will depend on many factors, including:
the results of the payment card brands’ investigations of the intrusions;
whether, at the time of the intrusions, the portion of its network that handles payment card data was in compliance with
applicable payment card industry standards;
whether, and if so to what extent, any fraud losses or other expenses experienced by cardholders, card issuers and/or the
payment card brands on or with respect to the payment card accounts affected by the intrusions can be properly attributed
to these intrusions and whether, and if so to what extent, those expenses would be the Company’s legal responsibility;
the nature and extent of any losses to Albertson’s LLC or NAI from the intrusions and any claims asserted against the
Company for such losses; and
the adequacy of the Company’s insurance.
Disruptions to the Company’s or third-party information technology systems, including future cyber-attacks and
security breaches, and the costs of maintaining secure and effective information technology systems could negatively
affect the Company’s business and results of operations.
The efficient operation of the Company’s businesses is highly dependent on computer hardware and software systems,
including customized information technology systems. Information systems are vulnerable to disruptions and security breaches
by computer hackers and cyber terrorists. The Company relies on industry accepted security measures and technology to
securely maintain confidential and proprietary information stored on the Company’s information systems, and continues to
invest in maintaining and upgrading the systems and applications to control risk. The Company also relies on third-party
systems and software that are critical to the operation of its business, including accepting credit, debit, EBT and gift cards. In
response to the information technology intrusions the Company experienced in fiscal 2015, the Company has taken and is
continuing to take actions to strengthen the security of its information technology systems. Nevertheless, these measures and
technology may not adequately prevent security breaches in the future or the Company may not be able to timely implement
these measures and technology. There can be no assurance that the Company will not suffer another intrusion or that a third-
party that is relied on by the Company will not suffer an intrusion, that unauthorized parties will not gain access to confidential
or personal information, or that any such incident will be discovered promptly. The techniques used by criminals to obtain
unauthorized access to sensitive data change frequently and often are not recognized until launched against a target, and the
Company or its third-party provider may be unable to anticipate these techniques or implement adequate preventative measures.
The failure to promptly detect, determine the extent of and appropriately respond to a significant data security breach could
have a material adverse impact on the Company’s business, financial condition and results of operations. In addition, the
unavailability of the information systems or failure of these systems or software to perform as anticipated for any reason,
including a major disaster, technical malfunction or business interruption, and any inability to respond to, or recover from, such
an event, or any inability to timely implement new security measures or technology, could disrupt the Company’s business,
impact the Company’s customers and could result in decreased performance, increased overhead costs and increased risk for
liability, causing the Company’s business and results of operations to suffer.
Additionally, the Company’s businesses involve the receipt, storage and transmission of sensitive data, including personal
information about the Company’s customers and employees and proprietary business information of the Company and its
customers and vendors. The Company may also share information with vendors that assist the Company in conducting its
business, as required by law, with the permission of the individual or as permitted under the Company’s privacy policy. The
sharing of information continues to increase as customers are increasingly using tablets, mobile phones, computers and other
devices to shop in stores and online and provide feedback and public commentary on their shopping experience, including
prices. Multichannel retailing is rapidly evolving. If the Company’s or a vendors customer-facing technology systems do not
reliably function as designed, the Company may experience a loss of customer confidence or data security breaches or be
exposed to fraudulent purchases, which, if significant, could adversely affect the Company’s reputation and results of
operations. As a merchant that accepts debit and credit cards for payment, the Company is subject to the Payment Card