IRVING, Texas. (WOOD) –Michael Stores, Inc. have confirmed a data breach first reported in January, which affected several West Michigan stores.
Two independent security firms found Michaels Craft Stores and its subsidiary, Aaron Brothers, were attacked by criminals using highly sophisticated malware never seen by either of the firms, according to a statement on the company’s website.
The breach at Michaels happened between May 8, 2013, and Jan. 27, 2014, and affected West Michigan stores in Grand Rapids, Holland, Portage, Battle Creek, Hudsonville, Walker and Grandville.
Michaels says the affected systems contained certain payment card information, such as credit card numbers and expiration dates. But the company says there is no evidence that names, addresses, or pin numbers were at risk.
According to the CEO of Michaels, the malware no longer presents a threat to customers. However, they are encouraging customers who shopped during the breach to actively monitor their payment card account activity and immediately contact their bank or card issuer if they notice any suspicious activity.
Part of a statement from Michaels CEO read: We are truly sorry and deeply regret any inconvenience this may cause. Our customers are always our number one priority and we are committed to retaining your trust and loyalty.
While we have received limited reports of fraud, we are offering identity protection and credit monitoring services to affected Michaels and Aaron Brothers customers in the U.S. for 12 months at no cost to them. We also are offering these customers a fraud assistance service for 12 months at no cost to them. This service provides customers with a trained representative to assist them in the event they experience a fraud-related issue resulting from this incident.
For more information on the data breach or to read the full letter click here.
To see all the Michaels stores that were affected, click here.