Nationwide cosmetics and beauty retailer Sally Beauty confirmed that hackers had broken into its networks and stolen credit card data from stores. The admission comes nearly two weeks after KrebsOnSecurity first reported that the company had likely been compromised by the same criminal hacking gang that stole 40 million credit and debit cards from Target.
Sally Beauty Holdings confirmed Monday that it fell victim to a data breach, an incident that may have coincided with a project to update point-of-sale terminals at its U.S. stores, a recent regulatory filing shows. The Denton, Texas, based company, which has more than half of its 4,669 stores in the U.S., said it found evidence that fewer than 25,000 records containing credit card data were accessed and possibly removed, according to a statement. That follows its statement on March 5 that it was investigating “rumors” of a breach but had no reason to believe any credit card or consumer data had been lost.
