America’s Thrift Stores breached by Eastern European criminals
America’s Thrift Stores, a for-profit organization that operates thrift stores in Alabama, Georgia, Louisiana, Mississippi and Tennessee, is the victim of a data breach.
According to the organization’s CEO Kenneth Sobaski, the attackers managed to compromise software used by a third-party service provider.
“This breach allowed criminals from Eastern Europe unauthorized access to some payment card numbers. This virus/malware, is one of several infecting retailers across North America,” he noted in an official statement.
“The US Secret Service tells us that only card numbers and expiration dates were stolen. They do not believe any customer names, phone numbers, addresses or email addresses were compromised,” he noted.
But, according to Brian Krebs‘ banking sources, that was enough for the criminals to counterfeit new cards and used them to make fraudulent purchases.
The company called in external forensic experts to investigate the breach, and they apparently found that only the people who used their payment cards at the organization’s various stores between September 1, 2015 and September 27, 2015 have had their cards compromised.
The company didn’t say how many affected customers are in total.
They advised affected customers to keep an eye on their payment card statements in order to spot fraudulent activity or suspicious charges as soon as they happen so that they could notify the bank and the card issuer.
They didn’t offer any protection services, but advised users to place a fraud alert on their credit report.