The Bellevue, Wash.-based Eddie Bauer said POS malware found at about 350 U.S. and Canadian store registers might have captured payment information used during store transactions between Jan. 2 and July 17.
"While not all transactions during this period were affected, out of an abundance of caution, Eddie Bauer is offering identity protection services to all customers who made purchases or returns during this period," the company said in a statement.
Customers are encouraged to go to the Eddie Bauer website for more information. The company declined to provide the possible number of customers affected. The company emphasized that this breach did not affect purchases made on the company's online store, eddiebauer.com.
Brian Krebs in a post on his blog, KrebsonSecurity, said he was unimpressed with the clothing brand's response to the malware attack. The cybersecurity expert said he reached out to Eddie Bauer on July 5, 2016 after hearing from several sources who work in fighting fraud at U.S. financial institutions. All of those sources said they had identified a pattern of fraud on customer cards that had just one thing in common: Use at some of Eddie Bauer's locations.
Krebs said in a post that a spokesperson for Eddie Bauer at the time said the company was grateful for the outreach but that it had not heard any fraud complaints from banks or from the credit card associations.
"Given the volume of point-of-sale malware attacks on retailers and hospitality firms in recent months, it would be nice if each one of these breach disclosures didn't look and sound exactly the same," Krebs' post read.
John Christly, CISO at the Fort Lauderdale, Fla.-based cybersecurity firm Netsurion, said, "It is very apparent that retailers of all sizes need to be armed with better tools and increased cyberintelligence to ward off and alert to these kind of attacks. And for those that may have some of these tools on their toolbelt already, they should consider finding companies to work with to enhance their monitoring of these tools."
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
