Attention denim lovers! You may have been the victim of a data breach within the year. The Buckle Inc. issued a press release informing shoppers of an undisclosed number of its physical locations that point of sale (POS) malware made it onto their systems and stole information from payment cards used at the stores. The malware was designed to grab information from the magnetic strips on the cards, which means those using the cards’ EMV chips are likely not affected.
Anyone shopping at any of the stores between October 28, 2016 and April 14, 2017 should pay close attention to payment card charges for at least the next year or until they are issued a new card from their financial institution. Those are the dates that The Buckle believes the malware was roaming the POS system. Investigators do not think, however, that information was stolen from every store on each day within that time frame. They also, however, have not broken it down into detail either.
If any suspicious charges are found on your statements, contact the issuer right away for resolution. The sooner you bring it to their attention, the less liability for both sides.
Although no social security numbers, physical addresses, or other identifying information is thought to be part of this breach, always keep an eye on your credit reports. One is available from each of the three reporting bureaus every year: Equifax, Experian, TransUnion. Contact them separately to order yours. Keep in mind that any information about you can be used against you in a phishing scam. Be ready for scammers to create realistic Buckle emails about this breach that try to get you to click a link or open an attachment. Your best bet in almost all cases is to never click on anything that you are not expecting from a source you know. If you want more information about any situation like this one, the safest practice is to navigate directly to the company website via your browser.
What is believed to have been accessed were account numbers, expiration dates, and names from the cards. Investigators are still trying to determine if more was accessed.
If you are at a payment terminal and still given a choice to use debit or credit with your card, choose the credit option. If you enter your PIN and the data is accessed, it’s possible for the thieves to recreate your card and empty your account. It may not be always convenient, but use your debit card as credit when possible.
The Buckle authorities do not believe their online shoppers were affected with this. So if you order at buckle.com, although you should still monitor your purchases, the likelihood your data was accessed during this event is thought to be low.
© Copyright 2017 Stickley on Security