New Card Breaches Reported: Sally Beauty, Chicago Taxis
The professional salon chain Sally Beauty has confirmed that it is investigating a potential breach of its card payment systems.
Brian Krebs, author of the tech blog Krebs on Security, reported Wednesday that 282,000 debit and credit card accounts from the chain had been offered for sale on underground card markets overseas.
Krebs reported that a spokesman for Sally Beauty acknowledged that a software system the retailer uses to detect security breaches was activated on or around Feb. 24. Krebs also reported that while the spokesman said the firm had detected a breach, no data had yet been confirmed as compromised or stolen.
No one from the firm has yet confirmed the Krebs report.
The tech blogger reported the stolen card numbers were being sold as of March 2, and three banks he had contacted about the breach had purchased some of their own stolen card numbers back from the thieves.
The banks were then able to analyze the transactions and determine they shared purchases at Sally Beauty in common.
The news came on the heels of reports that a Chicago area bank had contacted its debit and credit card holders, urging them to stop using their cards when paying for taxi rides in the Chicago area.
“We are advising you not to use your First American Bank debit cards (or any other cards) in local taxis,” wrote Tom Wells, chairman of the board at First American Bank, in a Feb. 28 email. “We have become aware of a data breach that occurs when a card is used in Chicago taxis, including American United, Checker, Yellow and Blue Diamond and others that utilize Taxi Affiliation Services and Dispatch Taxi to process card transactions.”