Sally Beauty investigates breach, no evidence of stolen payment cards

Share this article:

A weeks-old attempted intrusion is still being investigated, but Texas-based Sally Beauty has no evidence to suggest that 282,000 payment cards found in an online underground crime market were pilfered from the worldwide beauty supplies retailer – despite reports that suggest otherwise.

“We have no evidence that payment card or consumer data was taken,” Karen Fugate, a Sally Beauty spokeswoman, told on Wednesday.

Technology journalist Brian Krebs reported on Wednesday that 282,000 credit and debit cards – which were posted for sale on a popular online underground crime market on March 2 – had been purloined from Sally Beauty. Krebs wrote that three different banks purchased cards from the cache and determined that purchases made in Sally Beauty stores was the common point of compromise.

“This article only implies that 15 cards were [used at] Sally Beauty,” Fugate said.

A couple of weeks ago, a Tripwire system used by Sally Beauty detected an attempted intrusion, Fugate said, explaining Sally Beauty quickly shut down systems at the time and investigated the situation.

Sally Beauty enlisted the services of Verizon Enterprise Solutions to investigate the incident and the issue was fixed before any problems could arise, Fugate said, adding that while an investigation is still ongoing, business operations are running normally.

In a Wednesday statement emailed to, Dwayne Melancon, chief technology officer with Tripwire, said that establishing a system to continuously monitor the IT networks helped Sally Beauty prevent a breach from occurring.

“An interesting aspect of this incident is that the company shut off external communications once they received the alert that something was wrong,” Melancon said. “It seems that many organizations that suffer a breach are inclined to leave their systems up and running, rather than contain their losses by turning off services which, in some situations, could be a better response.”

U.S. retailer breaches involving large amounts of payment card data have been on the rise in the past few months. Target and Neiman Marcus are among companies that have confirmed breaches, but others, including Michaels and Sears, have only said that investigations of possible breaches are ongoing.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.