Three weeks after Sally Beauty first said it was looking into whether it’d been the victim of a hack attack, the company says it’s confirmed that criminals used malware on some of its point-of-sale systems, possibly exposing payment information for customers who used cards at some of its U.S. stores.
Sally Beauty: Investigation Confirms Customer Payment Info May Have Been Put At Risk, But Not Debit PINs
In what has become an unfortunately familiar experience, yet another retailer is announcing that it might’ve been the victim of a potential data breach: Sally Beauty confirms that it’s investigating “unusual activity” involving payment cards at some of its U.S. stores. This, a year after a breach that affected tens of thousands of customers.
Sally Beauty Supply admitted that about 25,000 credit card numbers were compromised when they were hacked earlier this year, but there’s evidence that the breach was much, much larger than that. Security reporter Brian Krebs is the person who first reported the extent of the 2013 Target breach, and he thinks that there could be a lot more compromised numbers than Sally will admit. It could be eleven times as many. [More]
After a bunch of stolen credit card numbers were reportedly found for sale earlier this month on the underground market where one buys such things, all linked by the common denominator of Sally Beauty customers, the company said today that credit-card data of fewer than 25,000 customers records was illegally accessed and it’s possible that info was stolen. [More]
The credit card payment system of yet another national retail chain appears to have been violated. This time it’s Sally Beauty, which looks to be the common denominator among a group of recently stolen credit card numbers. [More]