(Chronicle, The (Centralia, WA) Via Acquire Media NewsEdge) April 19--Customers at a Chehalis craft store who shopped there in late spring or early summer of last year are urged to closely monitor their bank statements after a large-scale data breach has affected customers who used either debit or credit cards for purchases.
Michaels, a company that owns several stores, including its Chehalis location at 1441 NW Louisiana Ave., confirmed late Thursday on its website that evidence pointed to a sophisticated online attack against its stores between May 8, 2013, and Jan. 27, 2014. The company says nearly 3 million customers may be affected.
The company says the breach has been stopped, but said the Michaels store in Chehalis was potentially affected between May 8 and July 29, 2013. The Chehalis store is among 23 locations in Washington listed as having been affected, joining the company's stores in Lacey and Longview as having been targeted as well.
In a statement on the company's website, Michaels Chief Executive Officer Chuck Rubin said the company has received "limited reports of fraud" and will offer identity protection to all affected customers in the United States for a year at no charge. Michaels will also offer a fraud assistance service, in which a representative will help a customer if they have a fraud-related issue from the breach.
Anyone who suspects fraud on their account should contact their bank, financial institution or card issuer immediately.
More information on the attacks are available at Michaels' website at www.michaels.com. People requesting immediate help can call 1-877-412-7145 between 6 a.m. and 6 p.m. Monday through Saturday.
The data breach affecting Michaels is the latest in a recent series of such incidents at large retailers. In December 2013, Target Corp. confirmed that 40 million of its customers may have had their credit and debit card information compromised, later stating other personal information affecting a possible 70 million people may have been hacked into.
The Michaels data breach also comes at a time when awareness of a major bug known as Heartbleed is front and center on the general landscape of the Internet. Heartbleed is a security flaw in OpenSSL software used in many web servers. Multiple websites, including vendors and email services, have actively asked their users to change their passwords as a result of the bug.
Christopher Brewer: (360) 807-8235
(c)2014 The Chronicle (Centralia, Wash.)
Visit The Chronicle (Centralia, Wash.) at www.chronline.com
Distributed by MCT Information Services