U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

US retailer Michaels Stores confirms card data breach

After Target and Neiman Marcus, also US retailer Michaels Stores confirms card data breach occurred early this year, the second one in the company hystory. Early this year was spread the news that Michaels Stores Inc, the biggest U.S. arts and crafts retailer, was the victim of a severe data breach. Michaels Stores Inc. retailer was […]

US retailer Michaels Stores confirms card data breach

After Target and Neiman Marcus, also US retailer Michaels Stores confirms card data breach occurred early this year, the second one in the company hystory.

Early this year was spread the news that Michaels Stores Inc, the biggest U.S. arts and crafts retailer, was the victim of a severe data breach.

Michaels Stores Inc. retailer was the last victim of a series of massive data breach, a few weeks after the hack of US retailers Target and Neiman Marcus. Michaels Stores Inc has more than 1,250 stores across the United States, in January Fraud experts have detected a pattern of illicit activities on a set of cards all recently used at the store of the company.

This week the Michaels Stores Inc. confirmed the presence of a flaw at certain payment systems at its U.S. stores and that of its unit, Aaron Brothers, as reported by the Reuters news agency.

According first revelations made by Michaels Stores representatives the data breach occurred between May 8, 2013 and January 27, 2014. Its impact is considerable severe, it has been estimated that data about 2.6 million cards was stolen, about 7 percent of payment cards used by its customers at the US stores.

Michaels Stores

Michaels Stores Inc. also confirmed the potential exposure of data related to 400,000 cards at its Aaron Brothers unit in the period between June 26, 2013 and February 27, 2014.

“There was no evidence that data such as customers’ name or personal identification number were at risk, Michaels Stores said in a statement.”

The systems at Michaels Stores were infected with malware designed to steal payment information, thanks the support of a cyber security firm the malicious code was identified and removed from the machines.

The US retailers are planning to form an industry group to share information on incidents and establish a surveillance center for fraud prevention. The number of cyber threats targeting retailers are even more complex and difficult to identify, security firms are suggesting a layered approach to promptly identify patterns related to ongoing cyber attacks.

Pierluigi Paganini

(Security Affairs –  Michaels Stores, data breach)