(Daily News (Jacksonville, NC) Via Acquire Media NewsEdge) April 23--Four area Michaels stores are on the list of North Carolina sites the company has identified as locations impacted by a recent data security incident.
Stores in Jacksonville, Morehead City, New Bern and Wilmington are among the 34 in the state where computer systems were attacked by a sophisticated malware, according to an announcement made Tuesday by Michaels Stores Inc.
The company announced in January that it had learned of possible fraudulent activity on some payment cards that customers used at U.S. stores, but locations were not identified until last week.
"The company has now identified and fully contained the incident, and the malware no longer presents a threat while shopping at Michaels or (subsidiary) Aaron Brothers," Michaels Stores said in statement.
The affected systems contained certain payment card information, such as payment card number and expiration date. There is no evidence that other personal information, such as name, address or PIN were at risk, the company said.
The data breach targeted a varied number of stores between May 8, 2013, and Jan. 27, 2014.
According to the information provided by Michaels, the potential date of exposure to the Michaels store in Jacksonville was between May 8 and Oct. 8, 2013, and again between Dec. 12, 2013, and Jan. 19, 2014.
Three time periods are given for the potential breech at the Morehead City and Wilmington stores
At Morehead City the dates were: May 8 to Oct. 8, 2013; Oct. 17 to Nov. 24, 2013; and Dec. 12, 2013 to Jan. 14, 2014.
For the Wilmington store the dates were: May 8 to Oct. 6, 2013; Oct. 17 to Nov. 24, 2013; and Dec. 12 to Jan. 19, 2014.
The potential exposure at the New Bern store occurred between May 8 and July 29, 2013.
An analysis by two independent security firms and the company indicates that approximately 2.6 million payment cards may have been impacted, which represents about 7 percent of cards used at Michaels stores during the time period of the data security incident.
Michaels has provided data about potentially affected payments cards to the relevant card brands so they can take appropriate action. The company said it has received limited reports of fraud; but it is offering identity protection, credit monitoring and fraud assistance services to affected customers in the U.S. for 12 months at no cost.
Details about the data security incident and services offered to affected customers are available online at michaels.com.
Contact Daily News reporter Jannette Pippin at 910-382-2557 or firstname.lastname@example.org.
(c)2014 The Daily News (Jacksonville, N.C.)
Visit The Daily News (Jacksonville, N.C.) at www.jdnews.com
Distributed by MCT Information Services