Genesco’s notification letter to the NH Attorney General’s Office is available online. Their press release announcing the breach had been posted previously on this site.
The notification to the state does not add a tremendous amount of detail, but does note that the company first became aware of a problem when it was contacted by a payment processor who had noticed what appeared to be a pattern of fraud involving cards that had been used at Genesco stores. The company then retained a computer expert who notified them on November 30 that s/he had discovered malicious software on a portion of Genesco’s network.