on thursday the Company said that the Cyber criminals not only breached their system but also of their subsidiary Aaron Brothers. the piece of malware used in the attack was highly sophisticated and has not been encountered previously by the two security firms that were conducting the investigation. Michaels CEO Chuck Rubin said “We want you to know we have identified and fully contained the incident, and we can assure you the malware no longer presents a threat to customers while shopping at Michaels or Aaron Brothers.”
The point of sales (POS) system targeted by the malware stored payment card numbers and expiration dates, there is no evidence that data such as customers’ names or personal identification numbers were at risk.
Michael’s breach occurred between May 8, 2013 and January 27, 2014 in which about 2.6 million or 7% of payment cards used at its stores were compromised. whereas nearly 400,000 cards were affected at 54 Aaron Brothers stores from June 26, 2013 to February 27, 2014.
Michael’s says that only a limited numbers of fraud incident has been reported and now there system has all been cleaned up. but the company is offering 12 months of free identity protection, credit monitoring services and free fraud assistance to affected customers in the United States.
Customers are asked to immediately contact their banks if any suspicious activity is found. the Company is working with bank, payment processors and law enforcement agencies to investigate the breach.
Shortly after the Target and Neiman Marcus breach authorities were concerned that possibly there could be several other retailers hacked too, experts believe that this possibly is not the end the coming days can bring some other breach in light too.
