[ISN] Michaels Confirms Data Breach

http://www.bankinfosecurity.com/michaels-confirms-data-breach-a-6763 By Jeffrey Roman Bank Info Security April 17, 2014 Arts and crafts retailer Michaels has now confirmed its stores were hit by a data breach that potentially compromised account information for 3 million payment cards. The breach, which involved “criminals using highly sophisticated malware,” potentially affected about 2.6 million cards used at Michaels stores from May 8, 2013, through Jan. 27, 2014. The malware attack also affected Michaels’ Aaron Brothers stores, where approximately 400,000 cards were potentially affected from June 26, 2013, through Feb. 27, 2014, the company said in an April 17 statement. Michaels says breached systems contained certain payment card information, such as payment card numbers and expiration dates, for its customers. There is no evidence that other customer personal information, such as name, address or PIN, was at risk, the company says. The company provided a list of affected U.S. Michaels stores and a list of affected Aaron Brothers stores. […]