Sally Beauty, a retailer and distributor of professional beauty products with 2,600 stores across the United States, has suffered a data breach. However, the company says there’s no evidence that customer information has been stolen.
Brian Krebs has uncovered a fresh batch of over 280,000 payment card records being sold on an underground website. Three different financial institutions have purchased some of the information in an effort to establish the company from which the information comes from.
They’ve all confirmed that the data they’ve purchased from the cybercriminals is associated with cards used within the last 10 days at Sally Beauty.
In response to the rumors, Sally Beauty has published the following statement on its website:
“Recently, our systems detected an attempted intrusion into our Sally Beauty Supply LLC network, and we believe we promptly mitigated potential issues arising from this intrusion.
“As a result of our ongoing investigation, which included assistance from a top-tier security firm, we have no reason to believe there has been any loss of credit card or consumer data. We will continue to investigate and actively monitor this situation.”
The company’s representatives have told Krebs that they rely on Tripwire security solutions to detect data breaches. On around February 24, an intrusion was detected by the system.
Shortly after, external communications were shut down and an investigation was launched. Verizon, which has a unit that specializes in investigating cyberattack, was also called in.
“Since [Verizon's] involvement, which has included a deconstruction of the methods used, an examination of network traffic, all our logs and all potentially accessed servers, we found no evidence that any data got out of our stores. But our investigation continues, of course with their assistance,” said Sally Beauty spokeswoman Karen Fugate.
Hopefully, Sally Beauty will determine if the card data comes from its systems or not. Currently, the payment card data that’s believed to originate from the company’s servers has a 98% validity rate, Krebs says.
This means that most of the records can be used to perform fraudulent transactions.
Around one week ago, rumors emerged about the US retailer Sears suffering a data breach. However, the company says it hasn’t found any evidence of a data breach after reviewing its systems.
On Wednesday, we learned that Smucker’s shut down its online store after discovering a piece of malware designed to capture sensitive information entered by customers on the website when making purchases.