Michaels Stores, Inc. has made public more details about the theft of customer bank account data from some of their stores via compromised debit card PIN pads.
The company has identified what it describes as “less than 90” PIN pads from its U.S. stores (less than 1% of the total in use) that appear to have been tampered with. The tampered pads were found spread through stores in 20 different states around the country. Visit the Michaels website for a full list of affected stores.
The company has also removed approximately 7,200 PIN pads from its stores that are similar to the tampered ones. Until these pads are replaced, customer credit and debit transactions will be processed directly on the register at the affected stores. Michaels Stores are also conducting security examinations of all Canadian store PIN pads as a precaution.
The latest from the investigation indicates that compromised PIN pad transactions occurred between February 8th and May 6th. Fewer than 100 Michaels customers have reported fraudulent transactions on their debit cards from the data theft, the company says.
Michaels said in a statement Thursday that the Secret Service has commended their response to the data theft. The company is still recommending that customers take precautions such as watching their bank statements for fraudulent transactions. Any unauthorized transactions should be reported to the card issuer.