Sally Beauty Reports 2nd Data Breach

Linn Freedman
Robinson & Cole LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Sally Beauty Holdings, Inc. (Sally) confirmed that it has suffered a second data breach in the last year. On March 14, 2014, KrebsOnSecurity reported that credit cards stolen from Sally had gone up for sale on an Internet site. Reportedly a data breach occurred when intruders gained access through a Citrix remote access portal for employees to log into the Sally system while working remotely. Sally later confirmed that approximately 25,000 records had been accessed and removed from its system by the hackers, impacting all of its stores.

Sally confirmed on May 28th that hackers have accessed its customers’ debit and credit card information through its point of sale systems. The intruders were able to install malware, which was active from March 6th to April 17th. Sally stated it has removed the malware and is offering credit monitoring for its customers.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson & Cole LLP | Attorney Advertising

Written by:

Robinson & Cole LLP
Robinson & Cole LLP
Contact
more
less

Robinson & Cole LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide