The corporate hacks keep coming. The latest target, according to cybersecurity blogger Brian Krebs, is the beauty supply chain Sally Beauty (SBH), a retailer that draws customers from salons and other stylists.
A new batch of 282,000 stolen debit and credit cards were posted for sale this week on underground marketplaces, and Krebs believes they have been used at one of Sally Beauty’s 2,600 stores. It’s the latest scoop from Krebs, who has managed to penetrate the criminal underground to break major stories, including the Target (TGT) and Neiman Marcus (NMG) hacks.
He used a similar technique to help triangulate the source of the Sally Beauty data breach, working with banks to buy back some of their compromised cards and analyze which stores had transactions on each account. Krebs says the underground marketplaces offering the stolen Sally Beauty card data were also affiliated with the same young Ukrainian man whom he has linked to sales of data purloined from Target.
Sally Beauty’s spokeswoman Karen Fugate walked Krebs through the company’s efforts to investigate a possible breach. She said the retailer first noticed suspicious activity around Feb. 24, but so far investigators, including Verizon (VZ) Enterprise Solutions, have been unable to detect any hacks.
The highly publicized Target breach, coming in the middle of the key holiday shopping season, helped drag down store traffic this winter. But investors have rallied behind the company recently as Target moves to repair the damage caused by the hack. Today, Target announced an overhaul of its security operations, bringing in a new high-level executive to replace the outgoing head of information security, Beth Jacob, who resigned today.
The rash of retail-related breaches has intensified the battle between banks and retailers over who should be responsible when a store is hacked. Just minutes before the Sally Beauty news broke, the National Retail Federation submitted a statement to the House asking Congress to resolve the feud in a “holistic fashion.“