Sally Beauty Reveals POS Compromise

Customer payment card information may have been at risk from malware inserted March 6 to April 17.

By Roy Urrico | May 29, 2015 at 06:39 AM

The Denton, Texas-based Sally Beauty Holdings admitted in a statement that attackers inserted malware into multiple POS systems at its U.S. stores between March 6 and April 17, putting customer information in jeopardy.

"Payment card information of customers that used cards at affected U.S. Sally Beauty stores during this time may have been put at risk," the retailer stated. The company said on May 4 that it was investigating reports of unusual card activity. Sally Beauty also suffered a data breach in early 2014.

The method of the malware injection – whether it was manual or remote – was not revealed. However, the beauty supplies retailer, which operates more than 4,900 stores worldwide, said it does not collect or store PIN data and is confident that its authentication method was not compromised.

"We regret any inconvenience this incident may have caused our customers, and we want to reassure them that protecting our customers is our priority," Sally Beauty president/CEO Chris Brickman said.

The company is offering credit monitoring services to any customer who used a payment card at a U.S. Sally Beauty store on those dates because it cannot pinpoint exactly which cards might have been affected.

High-profile attacks against retailers have included a 2014 intrusion against Home Depot that affected 56 million card accounts, and a 2013 Target breach in which hackers stole information from 40 million cards.

Sally Beauty first released related public alerts about the apparent intrusion on May 4, saying it "received reports of unusual activity involving payment cards used at some of our U.S. Sally Beauty stores."

The company added, "Since learning of these reports, we have been working with law enforcement and our credit card processor and have launched a comprehensive investigation with the help of a leading third-party forensics expert to aggressively gather facts while working to ensure our customers are protected."

In a follow-up comment on May 14, Brickman reported, "We now have sufficient evidence to confirm that an illegal intrusion into our payment card systems has indeed occurred."

A previous breach at Sally Beauty, in March of 2014, affected less than 25,000 credit cards used at locations across the U.S.

A survey, "Data Security in the Evolving Payments Ecosystem," from the Dublin, Ireland-based Experian and the Traverse City, Mich.-based Ponemon Institute revealed concerns about the ability of breached companies to properly manage a security response.

It also states organizations continue to be deficient in governance and security practices that could strengthen their data breach preparedness.

NOT FOR REPRINT

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).

Insurance
Complex Claims & Litigation Forum 2025
February 24, 2025 - Las Vegas

This conference aims to help insurers and litigators better manage complex claims and litigation.
More Information
GlobeSt. Multifamily Spring 2025
April 01, 2025 - New York

Join the industry's top owners, investors, developers, brokers & financiers at THE MULTIFAMILY EVENT OF THE YEAR!
More Information
GlobeSt. Net Lease Spring 2025
April 01, 2025 - New York

This conference brings together the industry's most influential & knowledgeable real estate executives from the net lease sector.
More Information