No details about the likely breach have yet been confirmed, but the company is "working closely with federal law enforcement and is conducting an investigation with the help of third-party data security experts to establish the facts."
"Although the investigation is ongoing, based on the information the Company has received and in light of the widely-reported criminal efforts to penetrate the data systems of US retailers, Michaels believes it is appropriate to let its customers know a potential issue may have occurred," they stated in a press release published on Saturday.
“We are concerned there may have been a data security attack on Michaels that may have affected our customers’ payment card information and we are taking aggressive action to determine the nature and scope of the issue,” said Chuck Rubin, CEO. “While we have not confirmed a compromise to our systems, we believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves, for example, by reviewing their payment card account statements for unauthorized charges.”
"If you believe your payment card may have been affected, you should immediately contact your bank or card issuer," Rubin stated in an open letter published on the same day. "If we find as part of our investigation that any of our customers were affected, we will offer identity protection and credit monitoring services to them at no cost."
With all the latest revelations about data breaches targeting big US retailers (Target and Neiman Marcus) and speculations that other are affected, payment card users in the US should do well to always keep an eye on their payment card account statements.
Unfortunately, with the way things are going, that is a good piece of advice to everyone who uses payment cards, no matter where they live.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.