MICHAELS DATA BREACH EXPANDS TO 20 STATES

Michaels, the arts and crafts store, recently experienced a major data breach. The Michaels debit card breach is now believed to have affected stores in 20 states. Michaels customers were put at risk for identity theft when hackers switched PIN pads with skimmers.

Brian Riley, senior research director of bank cards at TowerGroup, says financial institutions, such as banks, discovered a common fraud link among complaints of unauthorized charges – Michaels. “The behavioral scoring in this was really high,” he says. “The pattern of transactions showed that all of these affected accounts had Michaels’ purchases in their history. Behavioral scoring is really where it’s at in card transactions,” as reported by Tracy Kitten at Bank Info Security.

Even advanced card technology, such as the Europay, MasterCard, Visa chip and PIN standard, which takes the skimmable magnetic-stripe out of the equation, would not have helped in the Michaels’ case, according to Riley. “With a tampered POS device, you can get around EMV,” says Riley. “A good, robust scoring system is the only way to really pick up on this. That’s why behavioral scoring is so important. That’s, quite often, how these things are discovered.”