Sally Beauty Refutes Breach Rumors (March 10, 2014)
Sally Beauty, the specialty retailer and distributor of professional beauty supplies, is the latest retailer allegedly falling prey to hackers—or, at least, becoming the victim of rumors that credit and debit card information and other customer data has been compromised.
Denton, Texas-based Sally Beauty Holdings Inc., which operates more than 2,700 beauty supply stores in the U.S., detected an attack on its network, according to a statement it released on Wednesday in response to “rumors throughout the retail industry regarding security intrusions.”
“We believe we promptly mitigated potential issues arising from this intrusion,” the company said. “As a result of our ongoing investigation, which included assistance from a top-tier security firm, we have no reason to believe there has been any loss of credit card or consumer data. We will continue to investigate and actively monitor this situation.” Sally Beauty could not be reached for further comment before press time.
On March 5, security blog KrebsOnSecurity reported that approximately 282,000 stolen credit and debit card numbers had appeared on the black market a few days earlier. It also reported that three banks used cards purchased from the black market to conduct a common point-of-purchase test. The test indicated that the 15 test cards were used within a 10-day span at Sally Beauty stores.
Last December, Target Corp. announced a data breach, followed by a similar announcement by Neiman Marcus in January, in which hackers stole customers’ payment information. Lawmakers have since held a series of Capitol Hill hearings on data security where the FTC called for a strong federal law covering data security and breach notifications.