Michaels Investigating Possible Breach

Fraudulent Card Activity May Be Linked to Crafts Retailer
Michaels Investigating Possible Breach

Arts and crafts retailer Michaels is looking into a possible data breach that may have led to fraudulent activity on U.S. payment cards that had been used by customers at Michaels stores.

See Also: ISO/IEC 27001: The Cybersecurity Swiss Army Knife for Info Guardians

The company is working with federal law enforcement and third-party data security experts to establish the facts, Michaels said in a Jan. 25 press release.

"Although the investigation is ongoing, based on the information the company has received and in light of the widely-reported criminal efforts to penetrate the data systems of U.S. retailers, Michaels believes it is appropriate to let its customers know a potential issue may have occurred," Michaels says.

Michaels hasn't confirmed a compromise of its systems yet, the press release says.

"We believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves," says Michaels CEO Chuck Rubin.

When reached for comment, a spokesperson for Michaels said the press release is the extent to which the company is commenting at this time.

The news comes after two high-profile breaches affecting Target Corp. and Neiman Marcus.

Headquartered in Irving, Texas, Michaels has more than 1,105 craft stores in the United States and Canada.

2011 Incident

The company has been impacted by large-scale security incidents in the past. In 2011, banking institutions reported tens of thousands of fraudulent transactions linked to consumers who had visited Michaels craft stores that were affected by the breach [see: Michaels Breach: Fraudsters Sentenced].

POS and PIN-entry devices at 84 locations in 20 states were later found to have been swapped out with devices manipulated to collect card numbers and PINs. Investigators say 94,000 debit and credit cards were affected by the breach.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.