The retailer bebe has called on a cybersecurity firm to block an ongoing security breach that may have compromised the financial details of customers who swiped their cards at the clothing and apparel chain's stores in the U.S., the U.S. Virgin Islands and Puerto Rico.
The women's clothing retailer says data that may have been compromised includes account numbers, expiration dates, verification codes and cardholder names. Like similar hacks that have hit Home Depot and Jimmy Johns, the security breach at bebe isn't believed to have affected online sales and other transactions in which customer paid for products without swiping their cards.
In a statement, bebe says its investigation into the matter has determined that the security breach affected in-store transactions that occurred between Nov. 8 and Nov. 26. Bebe says it called in a "leading security firm" to secure the retail chain's stores after it recognized suspicious activity on computers that run its payment processing systems.
"Our relationship with our customers is of the highest priority and we recognize the importance of protecting their information," says bebe CEO Jim Wiggett. "We moved quickly to block this attack and have taken steps to further enhance our security measures."
The retailer says it is offering credit monitoring services to consumers who swiped their cards at any of the compromised stores during the breach. The company is urging consumers to monitor their financial accounts for any suspicious activity.
Bebe, a retailer of women's clothing and accessories, operates more than 200 retail stores and outlets in North America and U.S. territories. The company's Canadian locations appear to have be unaffected by the security breach.
As bebe works to mitigate what it believes to be a cyberattack, the Home Depot is still reeling from a breach that compromised thousands of its stores for months. Home Depot recently revealed that it is now facing 44 lawsuits.
After the months-long compromise was revealed and federal investigators stepped into probe the Home Depot breach, the home improvement chain later found that email addresses had also been exposed as a result of the breach. The full scope of the attack, which dates back as far as April, may still be unknown, Home Deport reported in a recent filing with the U.S. Securities and Exchange Commission.
"It is possible that we will identify additional information that was accessed or stolen, or other unforeseen developments related to the data breach could occur, which could have a further adverse impact on our operations, financial results and reputation," stated Home Depot.