Brooks Brothers Announces Year-Long Data Breach
Clothing retailer Brooks Brothers revealed in a statement that a credit card breach in their stores took a year to contain.
The breach, which started in April 2016 and was not resolved until March of this year, allowed cybercriminals to steal the credit card data of anyone who shopped at 223 retail locations in states including California, Michigan, New York, Ohio and Texas. The hacker was able to obtain the cardholder’s name, credit card number, card expiration date and verification code.
In its statement, the company reassured shoppers that “no sensitive personal information, such as Social Security numbers or personally identifying information” was stolen.
As is often the case in these types of breaches, the scammer was able to install malware on the point-of-sale systems that process credit card data. Purchases made via the company’s website would not be affected.
Brooks Brothers said that while they are still updating their security systems, this particular incident has been contained. “While we are continuing to review and enhance our security measures moving forward to help prevent a future incident, we can confirm that this issue has been resolved and is no longer impacting transactions.” They also reported the incident to law enforcement and hired a forensic team to help investigate the matter.
The company is recommending shoppers keep a close eye on their payment card statements to ensure the account numbers are not being used fraudulently. Any unauthorized charges should be reported immediately to the customer’s card company.