[ISN] Michaels Breach Bigger than Reported

From: InfoSec News <alerts_at_private>
Date: Fri, 13 May 2011 03:01:31 -0500 (CDT)

By Tracy Kitten
Managing Editor
Bank Info Security
May 12, 2011 

The Michaels debit breach is much bigger than the company initially 

Michael Stores initially reported that a scheme, in which point-of-sale 
pads customers use to key in their personal identification numbers, was 
isolated to Chicago, but on Tuesday the arts and crafts supplies 
retailer issued a statement that said nearly 90 stores in 20 states, 
stretching from Rhode Island to Washington, were affected.

The breach was first linked to a select group of Chicagoans who reported 
dings to bank accounts after their debit cards were allegedly copied 
during recent transactions at area Michaels craft stores. The Secret 
Service is investigating. Investigators believe legitimate PIN pads were 
traded or swapped out for PIN pads that skim and collect card details.

As a precautionary measure, Michaels has removed some 7,200 PIN pads 
from most of its 964 U.S. stores and expects replacements to be 
completed within the next 15 days. As a precautionary measure, PIN pads 
in Michaels Canadian locations are being screened as well.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Fri May 13 2011 - 01:01:31 PDT

This archive was generated by hypermail 2.2.0 : Fri May 13 2011 - 01:12:46 PDT