The Denton, Texas-based Sally Beauty Holdings admitted in a statement that attackers inserted malware into multiple POS systems at its U.S. stores between March 6 and April 17, putting customer information in jeopardy.

"Payment card information of customers that used cards at affected U.S. Sally Beauty stores during this time may have been put at risk," the retailer stated. The company said on May 4 that it was investigating reports of unusual card activity. Sally Beauty also suffered a data breach in early 2014.

The method of the malware injection – whether it was manual or remote – was not revealed. However, the beauty supplies retailer, which operates more than 4,900 stores worldwide, said it does not collect or store PIN data and is confident that its authentication method was not compromised.

Continue Reading for Free

Register and gain access to:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
  • Educational webcasts, white papers, and ebooks from industry thought leaders.
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com.
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).