Sally Beauty investigates breach, no evidence of stolen payment cards

A weeks-old attempted intrusion is still being investigated, but Texas-based Sally Beauty has no evidence to suggest that 282,000 payment cards found in an online underground crime market were pilfered from the worldwide beauty supplies retailer – despite reports that suggest otherwise.

“We have no evidence that payment card or consumer data was taken,” Karen Fugate, a Sally Beauty spokeswoman, told SCMagazine.com on Wednesday.

Technology journalist Brian Krebs reported on Wednesday that 282,000 credit and debit cards – which were posted for sale on a popular online underground crime market on March 2 – had been purloined from Sally Beauty. Krebs wrote that three different banks purchased cards from the cache and determined that purchases made in Sally Beauty stores were the common point of compromise.

“This article only implies that 15 cards were [used at] Sally Beauty,” Fugate said.

A couple of weeks ago, a Tripwire system used by Sally Beauty detected an attempted intrusion, Fugate said, explaining that Sally Beauty quickly shut down systems at the time and investigated the situation.

Sally Beauty enlisted the services of Verizon Enterprise Solutions to investigate the incident and the issue was fixed before any problems could arise, Fugate said, adding that while an investigation is still ongoing, business operations are running normally.

In a Wednesday statement emailed to SCMagazine.com, Dwayne Melancon, chief technology officer with Tripwire, said that establishing a system to continuously monitor the IT networks helped Sally Beauty prevent a breach from occurring.

“An interesting aspect of this incident is that the company shut off external communications once they received the alert that something was wrong,” Melancon said. “It seems that many organizations that suffer a breach are inclined to leave their systems up and running, rather than contain their losses by turning off services which, in some situations, could be a better response.”

U.S. retailer breaches involving large amounts of payment card data have been on the rise in the past few months. Target and Neiman Marcus are among companies that have confirmed breaches, but others, including Michaels and Sears, have only said that investigations of possible breaches are ongoing.
