Categories: SecurityWorkspace

US Retail Giant Michaels Admits 3m Hit By Data Breach

Another US retail firm has admitted to a severe data breach, as Michaels Stores said data relating to three million credit cards was compromised thanks to malware attacks on the firm.

A number of Michaels branches, which deal in arts and crafts, saw their point of sale terminals hacked, in much the same way Target stores were compromised. The attacks, which took place between 8 May 2013 and 27 January 2014, affected 2.6 million cards.

Malware was also found on machines at Aaron Brothers, a Michaels property, with 400,000 cards potentially affected.

Another big retail data breach

The firm said it had “received a limited number of reports from the payment card brands and banks of fraudulent use of payment cards potentially connected to Michaels or Aaron Brothers”.

The affected data included payment card number and expiration date. There was no evidence other customer personal information, such as name, address or PIN were affected by the data breach.

“We are committed to assisting affected customers by providing fraud assistance, identity protection and credit monitoring services. Importantly, with this incident now fully contained, we can assure customers this malware no longer presents a threat to shoppers at Michaels or Aaron Brothers,” said Michaels CEO Chuck Rubin.

“In an era where very sophisticated and determined criminals have proven capable of successfully attacking a wide range of computer networks, we must all increase our level of vigilance. Michaels is committed to working with all appropriate parties to improve the security of payment card transactions for all consumers.”

Love IT security? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

13 hours ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

17 hours ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

18 hours ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

1 day ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

1 day ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

2 days ago