March 17 Beauty products retailer and
distributor Sally Beauty Holdings Inc said "fewer than
25,000" credit-card records may have been taken in a recent data
The company said on March 5 it discovered that its network
had been hacked but added no card or customer data appeared to
have been stolen.
Sally Beauty said on Monday that an investigation by
forensics firm Verizon had discovered the evidence that card
payment data may have been removed.
"As experience has shown in prior data security incidents at
other companies, it is difficult to ascertain with certainty the
scope of a data security breach/incident prior to the completion
of a comprehensive forensic investigation," Sally Beauty said.
"As a result, we will not speculate as to the scope or
nature of the data security incident," the company added.
Hacking has become a major concern for retailers in the
Target Corp said in December that some 40 million
payment card records were stolen along with 70 million other
customer records during a cyber attack over the holiday shopping
Target said last week that the security breach could have
been more extensive than reported.
The biggest credit card breach at a U.S. retailer reported
to date was an attack against TJX Cos, the parent of TJ
Maxx and Marshalls in 2007. The company disclosed that data from
45.7 million payment cards had been stolen by hackers over 18