The CEO of a craft store where millions of customers' credit cards were possibly put at risk apologized while explaining what his national company is doing to combat the breach.
Michaels Stores Inc. said Thursday that about 2.6 million cards used at its namesake stores may have been affected in a security breach but it has received "limited" reports of fraud.
The nation's largest arts and crafts chain, based in Irving, Texas, says that its subsidiary Aaron Brothers was also attacked. The company said that both stores were attacked by criminals using highly sophisticated malware that had not been encountered previously by the two security firms that were conducting the investigation.
"We want you to know we have identified and fully contained the incident, and we can assure you the malware no longer presents a threat to customers while shopping at Michaels or Aaron Brothers," wrote Michaels Store CEO Chuck Rubin in a letter posted to the company's website.
News of the breach came nearly three months after Michaels disclosed that it may have been a victim of a data breach.
"We are truly sorry and deeply regret any inconvenience this may cause," Rubin said. "Our customers are always our number one priority and we are committed to retaining your trust and loyalty."
Michaels is offering up to one year of credit monitoring for its customers at no cost and they also offered security tips to those who might have been targeted by the breach.
Security breaches have hit retailers hard in recent months. A massive security breach at Target Corp. that affected 40 million cards has many shoppers worried about the safety of their personal data.