Teen apparel retailer caught in security breach

The Buckle is the latest cyber-crime target.



The teen apparel retailer was alerted that some guest credit card information was pilfered following purchases made at some of its retail stores. The chain launched a thorough investigation, which revealed that store payment data systems were infected with a form of malicious code, which was quickly removed.



The malware, which was found on certain point-of-sale (POS) systems, was designed to record payment card data — including account number, account holder’s name, and expiration date — from cards used in the manipulated devices. The Buckle believes that certain cards used in its stores between October 28, 2016 and April 14, 2017 may have been affected.



The Buckle promptly engaged forensic experts who performed a detailed investigation. Connections between The Buckle’s network and potentially malicious external IP addresses were blocked, potentially compromised systems were isolated, and malware-related files were removed.



The chain also believes that the malware did not collect data from all transactions or all POS systems for each day within that time period, according to the company. The forensics investigation also revealed that no social security numbers, email addresses or physical addresses were obtained by the criminals. There is also no evidence that The Buckle’s website or online guests were impacted, according to the company.



“All Buckle stores had EMV ‘chip card’ technology enabled during the time that the incident occurred and we believe the exposure of cardholder data that can be used to create counterfeit cards is limited. However, it is possible that certain credit card numbers may have been compromised,” The Buckle reported.



The chain continues to work with card brands and forensic investigation services, and any affected individuals either will receive communications from their issuing banks with additional instructions and/or replacement cards. Shoppers are also urged to closely monitor their payment card account statements, and immediately report any unauthorized changes to their banks, according to the retailer.