Michaels Says Nearly 3M Credit, Debit Cards Breached

Michaels Stores is offering new insight into a headline-making data breach that was first announced in the shadows of the massive Target leak. While the Target leak left 70 million consumers exposed to cybercriminals, as many as 3 million customer credit and debit cards were breached in the Michaels event.

That news begs the question: If large retailers like Target canEUt prevent data breaches, do smaller retailers like Michaels stand a chance?

Michaels first reported the data security issue in January after learning about possible fraudulent activity on some U.S. credit and debit cards used at its stores.

Between then and now, Michaels hired two independent security firms to undertake an investigation. The nationwide arts and crafts chain said it has also been working with law enforcement officials, as well as coordinating with banks and payment processors, to solve the puzzle. The company also apologized -- again.

EUOur customers are always our number one priority and we are truly sorry for any inconvenience or concern Michaels may have caused,EU said Chuck Rubin, CEO of Michaels. EUWe are committed to assisting affected customers by providing fraud assistance, identity protection and credit monitoring services. Importantly, with this incident now fully contained, we can assure customers this malware no longer presents a threat to shoppers at Michaels or Aaron Brothers.EU

Bad News, Good News

With that said, hereEUs what the investigation uncovered: Criminals did indeed attack systems of Michaels and its subsidiary, Aaron Brothers, using sophisticated malware. Neither security firm had run into the malware before. ThatEUs the bad news. The good news is the incident has been contained and the conclusions are shedding light on how to help prevent these attacks in the future.

For example, we now know that the affected systems held debit and credit card information, such as numbers and expiration dates. However, there is...

Comments are closed.