Another retailer reports a cyber attack that may have compromised consumers' credit and debit card information.
Vera Bradley, an upscale handbag and fashion retailer, said hackers apparently penetrated the company's payment card network at its stores between July 25 and September 23. Cards used at store locations during that time may have been compromised. Cards used for online payments were not affected, the company said.
“On September 15, 2016, Vera Bradley was provided information from law enforcement regarding a potential data security issue related to our retail store network,” the company said in a statement.
“Upon learning this information, Vera Bradley immediately launched an investigation with the assistance of a leading computer security firm to aggressively gather facts and determine the scope of the issue and promptly notified the payment card networks.”
Installed malware on the network
Vera Bradley said the investigation showed that hackers made unauthorized access to the company's payment processing system and installed malware that specifically looks for credit and debit card information.
The program is designed to grab the data on the card's magnetic strip, potentially containing the card number, cardholder's name, expiration date, and internal verification code. The company said it believes that is the extent of the breach and that no other customer data was put at risk.
What to do
If you used a debit or credit card at Vera Bradley in this time frame, there are a couple of things you should do. First, be on the lookout for fraudulent activity by carefully reviewing your most recent statements. If you see unauthorized charges, report it immediately to your card issuer.
Additionally, notify your card issuer that your card may have been compromised at Vera Bradley and request a new one.
Credit card data breaches have become distressingly common in recent years. There were high-profile breaches at Michaels craft stores, Target, and Home Depot in recent years. The move to the embedded-chip EMV card was supposed to stop these kinds of data breaches, but the transition to chip only cards has been painfully slow.
Not all retail locations have switched to chip card readers and even the new EMV cards contain the old magnetic stripe.