Earlier this month, we learned that professional beauty products retailer Sally Beauty suffered a data breach. Initially, the company didn’t find any evidence that customer information had been stolen.
However, in a statement published on its website on Monday, the company revealed that close to 25,000 customer payment cards had been compromised. It appears that the attackers have managed to steal Track 2 card data, including names, card numbers, expiration dates and CVVs.
There’s no indication that Social Security numbers, dates of birth or other sensitive information have been obtained by the cybercriminals. The company doesn’t collect any PIN data.
“As experience has shown in prior data security incidents at other companies, it is difficult to ascertain with certainty the scope of a data security breach/incident prior to the completion of a comprehensive forensic investigation. As a result, we will not speculate as to the scope or nature of the data security incident,” the company stated.
The US Secret Service has been called in to investigate the incident. In the meantime, the retailer is taking steps to ensure that its payment card information systems are secured and that servers are malware-free. All security systems are being reviewed.
“We take this criminal activity very seriously. We continue to work diligently with Verizon on this investigation and are taking necessary actions and precautions to mitigate and remediate the issues caused by this security incident,” Sally Beauty wrote on its website.
So far, there’s no mention of free credit protection services being offered to affected customers. However, Sally Beauty has promised to provide additional details on how it plans to assist impacted individuals in the coming days.
Meanwhile, the company advises customers to check their statements for any suspicious or fraudulent activities, and report any incidents to their financial institution.
Customers are also advised to be on the lookout for phishing scams that might leverage the data breach in an effort to trick them into handing over their personal and financial details. Sally Beauty will not ask anyone for sensitive information via email.
On Monday, someone breached and defaced Rescator, one of the underground websites responsible for selling payment card data stolen by hackers from Sally Beauty, Target and other companies whose servers have been breached.
“To all the people who used this service to blackmail and threaten and ‘dox’ people's families: [expletive] you especially. To the ‘regular’ fraudsters: [expletive] you too but slightly less,” the hacker wrote on the defaced website.