01-25-2014 04:17 PM
"The country's largest crafts chain may be the latest retailer hit by a security breach.
"Michaels said Saturday that it learned recently of "possible fraudulent activity" on some of its customers' payment cards, suggesting there may have been a breach.
"CEO Chuck Rubin said the company has not confirmed a breach, but wanted to alert customers.
"We are concerned there may have been a data security attack on Michaels that may have affected our customers' payment card information and we are taking aggressive action to determine the nature and scope of the issue," Rubin said in a statement."
It appears as though the long string of recent breaches continues....
New to the Community? Register now and start posting!
Helpful Webroot Links:
Thursday - last edited Thursday by nic
Nationwide arts and crafts chain Michaels Stores Inc. said today that two separate eight-month-long security breaches at its stores last year may have exposed as many as 3 million customer credit and debit cards.
The disclosure, made jointly in a press release posted online and in a statement on the company’s Web site, offers the first real details about the breach since the incident was first disclosed by KrebsOnSecurity on January 25, 2014.
As the officials investigating the Target data breach are settling in for what they believe will be a long and complex process of catching the hackers behind the heist, another US retailer is admitting that it lost millions of customer payment card details.
Arts and crafts store chain Michaels said that it has confirmed the exposure of as many as 2.6 million customer payment cards from a malware infection which captured and transmitted card details from the company's point of sale (POS) terminals.
According to the company, the attacks occurred between May 8 of last year and February 27, 2014, and impacted roughly 7 per cent of all cards used in the US at Michaels and affiliated Aaron Brothers stores over that period. The company has received reports of the compromised cards being used for fraudulent activity.
You would really have thought that by now, after the Target fiasco, more of these organisations would have wised up, etc...eh?
U.S. Secret Service Agent Matt O’Neill was growing nervous. For three months, he’d been surreptitiously monitoring hackers’ communications and watching as they siphoned thousands of credit card numbers from scores of U.S. retailers.
Most every day O’Neill was alerting a credit card company or retailer to an online heist. The result was predictable: the companies canceled hijacked credit and debit cards and the aggravated hackers’ customers began complaining that the stolen card numbers weren’t working as promised.
It was only a matter of time before the cyber thieves realized they were being watched.
“We were hoping they wouldn’t figure it out until we could catch them,” O’Neill said.