Sally Beauty confirms data breach

[InfoSec News <alerts () infosecnews org>]

http://www.washingtonpost.com/business/economy/sally-beauty-confirms-data-breach/2014/03/17/c644049a-adf5-11e3-96dc-d6ea14c099f9_story.html

By Amrita Jayakumar
The Washington Post
March 17, 2014

Sally Beauty confirmed Monday that hackers broke into the supplier's 
network, stealing the payment data of up to 25,000 customers.

The information stolen included payment card numbers and the three-digit 
security codes, known as CVV numbers, the company said. The retailer said 
it does not store customers' personal identification numbers (PINs).

Customers will be notified if their information was stolen, said Sally 
Beauty, which is advising shoppers to check their bank statements for 
suspicious transactions. The company did not provide details on the nature 
of the breach, including whether it affected only shoppers who came into a 
store or also those who shopped online.

The confirmation follows a statement by Sally Beauty this month that said 
it detected a breach Feb. 24 but had no evidence that customers' data had 
been stolen. The breach was first reported by security blogger Brian 
Krebs.

[...]



--
Find the best IT Security talent without breaking your recruiting budget.
Jobs cross-posted to Simply Hired, Facebook and LinkedIn.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/