Western wear retail chain Sheplers said it has experienced a data breach in which hackers gained access to its systems and some of its customers' payment card information over almost a three-month period that ended earlier this month.
A company spokeswoman said Monday that at this point the company is aware of “a few dozen” customers who have reported fraud. She said the retailer does not have cyber insurance.
Wichita, Kansas-based Sheplers, which has 21 stores in eight states, said in its announcement Friday that the breach potentially affects customers who used payment cards at its retail locations between June 11 and Sept. 4, 2014. It said the information at risk includes names, account numbers for both credit cards and debit cards, and card expiration dates.
The retailer said it has found no evidence that debit card PINs have been compromised, and it does not believe that social security numbers, which are not stored on payment cards, could have been accessed.
The company said it first learned about the breach from an informal tip from a financial institution, which was later confirmed by an investigation. “We have implemented new security measures, and we resumed processing credit cards in our stores only after determining that it was safe to do so,” said the retailer, which is offering its clients a credit monitoring service.
It is also encouraging its customers to review their credit and debit card statements for evidence of unauthorized charges.
Recent data breaches involving high-profile companies such as Target Corp. and Home Depot Inc. are having an effect on how much middle-market companies spend on data security, with most planning to increase spending, a new survey reveals.