SUBSCRIBE

Breaking News on Cosmetics Formulation & Packaging in North AmericaEU editionAPAC edition

Headlines > Business & Financial

Read more breaking news

 

 

Up to 25,000 payment records stolen at Sally Beauty

By Lucy Whitehouse + , 20-Mar-2014
Last updated on 20-Mar-2014 at 15:34 GMT2014-03-20T15:34:19Z

Up to 25,000 payment records stolen at Sally Beauty

Sally Beauty Holdings has fallen victim to data hackers, with up to 25,000 consumer card records illegally accessed during a recent security breach.

The international retailer and distributer of beauty products, which has revenues of $3.6 billion annually, found its data had been hacked on 5 March and disclosed the breach at the time.

Forensics from communications giant Verizon are continuing the investigation into the security breach and have now confirmed the illegal access of the data, and Sally Beauty stating that it is ‘likely’ that the accessed data was also stolen.

The company believes that affected records consist of card-present payment card data - customer name, credit or debit card number, and the card's expiration date and CV.

Cyber attacks

The beauty brand is a key player on the US cosmetics scene, with more than 2,700 retail outlets in the US, as well as acting as distributer to retailers across the world in Europe and South America.

The extent of the breach, though apparently smaller in scale than other recent illegal hacking attacks sustained fellow US retailers Target Corps and Neiman Marcus, has yet to be fully established.

It is difficult to ascertain with certainty the scope of a data security breach/incident prior to the completion of a comprehensive forensic investigation. As a result, we will not speculate as to the scope or nature of the data security incident,” Sally Beauty stated. 

Digital trust

The company was quick to reassure consumers, saying “customers are our top priority at Sally Beauty, and we will be responding to customers' needs concerning this security incident.”

We will be providing appropriate notifications to affected consumers and others, as necessary, as the facts develop and we learn more.

The company is keen to publicize the steps it is taking to contain the incident, including working with relevant bodies such as the U.S. Secret Service, and conducting a full review of all of payment card information systems.

It remains to be seen how consumers and shareholders will respond to the breach, as trust is paramount to digital sales, and how this will affect the company’s financial outlook. 

Related products

Key Industry Events

 

Access all events listing

Our events, Events from partners...

On demand Supplier Webinars

The CosmeticsDesign.com USA Anti-Aging Hair Care Forum
William Reed Business Media
All supplier webinars