Sally Beauty Supply, an international specialty retailer and distributor of professional beauty supplies, could be the next big retailer to have been hacked.
Denton, Texas-based Sally Beauty Holdings admitted its “system detected an attempted intrusion” into its network and the company “promptly mitigated potential issues arising from this intrusion,” said a March 5 statement.
Sally Beauty said it enlisted the help of a security firm and has concluded it has “no reason to believe there has been any loss of credit card or consumer data.”
Reportedly, the firm brought in a forensics team from Verizon to investigate the incident.
But Brian Krebs of Krebs on Security reported a fresh batch of 282,000 stolen credit and debit cards went on sale on a popular underground crime store and three banks made targeted buybacks of the cards. Each bank determined all of the purchased cards were used within the last 10 days at Sally Beauty Supply.
Sally Beauty Supply operates 2,964 North America stores—3,424 stores worldwide.
Sally Beauty Holdings spokeswoman Karen Fugate said the company had no comment on whether it has cyber insurance.
Within the last six months Target, Neiman Marcus and Michaels have confirmed data breaches.
***
February ended with rumors Sears was the victim of a data breach. Bloomberg reported Verizon Communications Inc. and the U.S. Secret Service are still going through Sears’ computer data.
Hoffman Estates, Ill.-based Sears Holding Corp. said it is “actively reviewing our systems to determine if we have been a victim of a breach.”
“We have found no information based on our review of our systems to date indicating a breach,” said a statement from the retailer.