DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

America’s Thrift Stores notifies customers of payment card breach

Posted on October 9, 2015 by Dissent

Thrift store chain America’s Thrift Stores has disclosed a data breach involving an  unnamed third-party provider. A statement prominently linked from their home page begins:

A Statement From Our CEO Concerning Cyber Security

Dear Customers,

America’s Thrift Stores recently learned that it was the victim of a data security breach that occurred through software used by a third-party service provider. This breach allowed criminals from Eastern Europe unauthorized access to some payment card numbers. This virus/malware, is one of several infecting retailers across North America. The U.S. Secret Service tells us that only card numbers and expiration dates were stolen. They do not believe any customer names, phone numbers, addresses or email addresses were compromised. This breach may have affected sales transactions between September 1, 2015 and September 27, 2015. If you used your credit or debit card during this time to purchase an item at any America’s Thrift Store location, the payment card number information on your card may have been compromised.

As soon as we learned of this incident, America’s Thrift Stores began working with a leading independent external forensic expert and the U.S. Secret Service to examine the breach. We have identified and removed malware that was the source of the breach– and we continue to take steps to improve security against any future attacks. Shoppers can feel confident using credit or debit cards at any of our store locations.

 

[…]

It is not clear from the notification how many customers nationwide may have been impacted, where there has been any misuse of the payment card information, or who the service provider is. 

h/t, WAAY-TV
Category: MalwareMiscellaneousSubcontractorU.S.

Post navigation

← Email error results in data breach notification from Vacaville Housing Authority
IE: Gorey Credit Union says accounts not affected by email gaffe →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.