Michaels Stores Inc. retailer was the last victim of a series of massive data breach, a few weeks after the hack of US retailers Target and Neiman Marcus. Michaels Stores Inc has more than 1,250 stores across the United States, in January Fraud experts have detected a pattern of illicit activities on a set of cards all recently used at the store of the company.
This week the Michaels Stores Inc. confirmed the presence of a flaw at certain payment systems at its U.S. stores and that of its unit, Aaron Brothers, as reported by the Reuters news agency.
According first revelations made by Michaels Stores representatives the data breach occurred between May 8, 2013 and January 27, 2014. Its impact is considerable severe, it has been estimated that data about 2.6 million cards was stolen, about 7 percent of payment cards used by its customers at the US stores.
Michaels Stores Inc. also confirmed the potential exposure of data related to 400,000 cards at its Aaron Brothers unit in the period between June 26, 2013 and February 27, 2014.
“There was no evidence that data such as customers’ name or personal identification number were at risk, Michaels Stores said in a statement.”
The systems at Michaels Stores were infected with malware designed to steal payment information, thanks the support of a cyber security firm the malicious code was identified and removed from the machines.
The US retailers are planning to form an industry group to share information on incidents and establish a surveillance center for fraud prevention. The number of cyber threats targeting retailers are even more complex and difficult to identify, security firms are suggesting a layered approach to promptly identify patterns related to ongoing cyber attacks.
(Security Affairs – Michaels Stores, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.