Brooks Brothers breach in payment card palaver for a year

News by Max Metzger

The clothing retailer has had payment card malware harvesting customer details for nearly a year.

Over 220 Brooks Brothers locations have been the subject of a year-long breach. The clothing retailer recently announced that the breach has exposed the credit card using customers of “certain Brooks Brothers and Brooks Brother Outlet retail locations in the U and Puerto Rico”, but not between early April 2016 and 1 March 2017.

A list of the affected stores has been published on the website. SC counted 223 locations across the US and its protectorates.

Brooks Brothers put out an advisory on the incident, cataloguing the details of the incident. An “unauthorised individual” installed malware on the payment card systems of the store and ran his scam for a whole year.  The company believes that the attacker could have made off with payment card account numbers, card expiration dates and verification codes but not social security numbers, addresses “or any other personal information”.

The retailer is apparently on the case and have started an internal review, bringing in independent forensic experts to help with the investigation. The advisory recommends that customers monitor their card statements and credit report for any discrepancies, and adds, “we deeply regret any inconvenience or concern this may cause you.”

IHG hotels recently experienced a similar breach which hit locations across the US.The hospitality giant, which runs thousands of hotels including Holiday Inn and Crowne Plaza Hotels, reported a breach of their payment card systems in February. By April, it was reported that the breach could have hit payment systems in as many as 1000 locations.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews