Michaels is investigating a possible data security attack, CEO Chuck Rubin said in a letter to customers.
The craft store chain recently learned of "possible fraudulent activity on some U.S. payment cards that had been used at Michaels," Rubin wrote in the letter, which is posted to the company's website.
Michaels did not disclose the scope of the potential breach, and the company did not respond to a request for comment by deadline. The company has about 1,100 stores in the U.S. and Canada.
Michaels also suffered a data breach three years ago following tampering with parts of the retailer's point of sale terminals.
The incident at Michaels follows other recently disclosed data breaches at Target and Neiman Marcus.
Michaels is working with federal law enforcement and is conducting an investigation with the help of third-party data security experts, according to Rubin's statement.