Bebe Stores Reveals November Data Breach
Last week, women's clothing retailer Bebe Stores confirmed a data breach hit its payments system during a two-and-a-half week period last month. The retailer said it recently discovered "suspicious activity on computers that operate the payment processing system for its stores." It believes the hackers, which focused on data from payment cards swiped at Bebe stores, could have obtained data for cards used between November 8 and November 26.
The retailer has yet to confirm how many customers have been affected by the security breach, however, the company spokesman confirmed that Bebe has an independent forensics investigative firm in place to help mitigate the situation.
The company has been clear that purchases made via its website, mobile site or app, or in Canada and other international stores have not been affected, and that customers should feel comfortable continuing to use their payment cards in Bebe stores.
"Our relationship with our customers is of the highest importance," said Bebe CEO Jim Wiggett, in a statement. "We moved quickly to block this attack and have taken steps to further enhance our security measures."
The attack at Bebe, which was previously speculated, could have included access to cardholder data – such as account numbers, expiration dates and verification codes. The retailer advises customers that used their cards in Bebe stores during the November timeframe to review account statements for unauthorized activity. If any unauthorized charges occurred, customers should contact the issuing bank. Credit monitoring services will be offered for one year to customers who made a purchase using a payment card at the company's U.S., Puerto Rico or U.S. Virgin Islands stores during the affected time last month.
The retailer has yet to confirm how many customers have been affected by the security breach, however, the company spokesman confirmed that Bebe has an independent forensics investigative firm in place to help mitigate the situation.
The company has been clear that purchases made via its website, mobile site or app, or in Canada and other international stores have not been affected, and that customers should feel comfortable continuing to use their payment cards in Bebe stores.
"Our relationship with our customers is of the highest importance," said Bebe CEO Jim Wiggett, in a statement. "We moved quickly to block this attack and have taken steps to further enhance our security measures."
The attack at Bebe, which was previously speculated, could have included access to cardholder data – such as account numbers, expiration dates and verification codes. The retailer advises customers that used their cards in Bebe stores during the November timeframe to review account statements for unauthorized activity. If any unauthorized charges occurred, customers should contact the issuing bank. Credit monitoring services will be offered for one year to customers who made a purchase using a payment card at the company's U.S., Puerto Rico or U.S. Virgin Islands stores during the affected time last month.