Michaels Stores Inc. says Thursday that about 2.6 million cards used at its namesake stores may have been affected in a security breach but it has received "limited" reports of fraud.
The nation's largest arts and crafts chain, based in Irving, Texas, says that its subsidiary Aaron Brothers was also attacked. The company said that both stores were attacked by criminals using highly sophisticated malware that had not been encountered previously by the two security firms that were conducting the investigation.
The details come nearly three months after Michaels disclosed that it may have been a victim of a data breach.
A massive security breach at Target Corp. that affected 40 million cards has many shoppers worried about the safety of their personal data.
Eleven of the affected stores are in the St. Louis area, with locations in Ballwin, Brentwood, Chesterfield, Des Peres, Fenton, Florissant, O'Fallon, St. Charles, St. Louis, Washington, and Wentzville. Click here to see the entire list of affected stores.
"In an era where very sophisticated and determined criminals have proven capable of successfully attacking a wide range of computer networks, we must all increase our level of vigilance. Michaels is committed to working with all appropriate parties to improve the security of payment card transactions for all consumers," said Chuck Rubin, CEO.
Michaels is offering free identity protection, credit monitoring, and fraud assistance services to affected customers for the next 12 months.
(Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)