Back in January, arts and crafts retail giant Michaels announced that it was investigating a potential security breach, and now the company has confirmed that millions of credit cards may have been compromised by a cyberattack. The company says that the attack targeted its point-of-sale systems at a "varying number" of stores from May 8th, 2013 through January 27, 2014. Overall, some 2.6 million credit and debit cards may have been affected, which is about seven percent of cards used in its stores over that timeframe.
The Michaels website has details on what specific stores were targeted and at what times they were vulnerable, so concerned customers can go and check to see if their credit card info was potentially hacked. While it appears that credit card numbers were exposed thanks to the hack, Michaels says that personal customer info like names, addresses, and PIN numbers were not compromised. In addition to the Michaels hack, the company's subsidiary Aaron Brothers was also affected — 54 stores were affected between June 26, 2013 and February 27, 2014, with about 400,000 cards compromised.
Michaels is giving affected customers 12 months of identify protection, credit monitoring, and fraud assistance service — a move similar to what retail giant Target did after suffering its own massive security breach late last year. This isn't the first time Michaels has had problems with credit card security, either — back in 2011, stores across the country had their payment systems tampered to collect data which helped the crooks create counterfeit cards.