In a statement issued Saturday by the retailer's CEO Chuck Rubin, Michaels has learned of "possible fraudulent activity" on an undetermined amount of its US customers' payment cards, which indicates there may have been a breach. Besides not disclosing any more information regarding how many customers could be involved in the possible breach, Michaels has also not said when customers potentially affected by the breach shopped at the stores and if online or in-store shoppers or both could be involved.
Rubin added that customers should protect themselves by reviewing their account statements for unauthorized charges. Before Rubin made any announcements, however, security blogger Brian Krebs (krebsonsecurity.com) first reported the possible attack on Friday.
READ MORE Data Breach LEGAL NEWS
Regardless whether a breach has occured, Michaels Stores Inc. says it is working with federal law enforcement and data security experts.
The Target attack at the end of 2013, which affected up to 110 million customers, has resulted in a Target data breach class action lawsuit.
Michaels says it operates more than 1,100 stores in the US and Canada.