The Michaels store in Wayne was affected by a “security breach” that compromised customers’ personal information for more than six months over the past year, the store recently announced in a letter from its CEO.
According to the post, stores across the country experienced the breach between May 8 of last year and Jan. 27 of this year. Local stores experienced breaches during the following dates:
- Wayne: May 8 - July 29
- Edgewater: May 8 – Aug 10; Aug 31 – Oct 8; Oct 17 – Nov 24; Dec 11 – Jan 18
- Paramus: May 8 – Oct 8; Oct 17 – Nov 24; Dec 11 – Jan 18
- Ramsey: May 8 – Aug 11; Aug 31 – Oct 8; Oct 16 – Nov 23; Dec 11 – Jan 18
In a letter posted on the Michael’s website last week, CEO Chuck Rubin said the store has been working with law enforcement agencies and security companies to investigate the breach.
Point-of-sale systems at these and 25 other stores in New Jersey “were attacked by criminals using highly sophisticated malware that had not been encountered previously by either of the security firms,” Michaels worked with to conduct the investigation, Rubin said.
Rubin said the breach compromised customers’ credit card information in about 7% of all transactions in the impacted time period.
The CEO also apologized to affected customers.
“In an era where very sophisticated and determined criminals have proven capable of successfully attacking a wide range of computer networks, we must all increase our level of vigilance,” he said in the letter.
“We are committed to working with other parties to improve the security of payment card transactions for all consumers.”