Bebe Stores Inc, the American women's fashion retailer, confirmed on Friday that some of its stores had been hit with a data breach exposing credit and debit card information of several customers.
In a statement published on its website, Bebe said that the breach affected some of its stores in the US, Puerto Rico and the US Virgin Islands. Its other international stores were not affected. Online purchases also remained untouched by the data theft.
The breach occurred between November 08 and November 24, and once the authorities noted suspicious activity in their payment systems, they hired computer and security experts to block out the malware that was exposing card data.
Bebe operates about 175 retail stores and 35 outlet stores in the United States, U.S. Virgin Islands, Puerto Rico and Canada. Though Bebe confirmed the breach it did not say how many customers were affected.
Bebe warned customers who swiped their cards at the mentioned locations to keep a check on their account details. It added that the company will be offering free credit monitoring services to affected customers for a year.
"Our relationship with our customers is of the highest priority and we recognize the importance of protecting their information. We moved quickly to block this attack and have taken steps to further enhance our security measures," Jim Wiggett, CEO of Bebe said in a statement.
News of a potential breach at Bebe stores emerged Thursday when several banks complained about a fraudulent pattern on customer credit cards. AS bank even found several of its cards on the online black market – and all of those cards were used at Bebe stores, KrebsOnSecurity reports.
Bebe is the latest company to join the bandwagon of firms that have been hit with massive data breaches of late. Target, Home Depot and Dairy Queen have all reported data hacking in the past few months, More than 100 million accounts have been compromised.
Sony Pictures also recently fell victim to a massive "password" hack that crippled the company's operations for a few days.
Cyberattacks are becoming a raging issue in the retail industry. Companies can go into deep debts in the aftermath of these attacks with mounting security and legal expenses. Some retailers face lawsuits from customers as well.
Experts say that banks and credit card companies need to tighten security standards. They also suggest removing the magnetic strip that helps transfer data from the cards and instead introduce a PIN number method and a computer chip to prevent such breaches.