CUs Work To Plug Michaels Stores Breach

Register now

LAS VEGAS – Credit unions around the country are blocking thousands of debit cards as they struggle to contain the latest nationwide data breach at Michaels Stores.

Nevada FCU cancelled 1,300 Visa debit cards after about 100 reports of fraudulent activity over the long Memorial Day weekend they have traced to the Michaels breach, one of dozens of credit unions that got it. “I think everybody did,” said Brad Beal, president of the $700 million Las Vegas credit union, who has been providing information to the U.S. Secret Service for the investigation.

Software programs have pinpointed the source of the credit union’s breach to the three Michaels stores in Las Vegas, according to Beal, who said they are still working to determine the extent of the breach. “We’re a little bit early to know how serious,” he told the Credit Union Journal this afternoon.

Nevada Federal has notified affected members through mail, email and robocalls that their cards may have been compromised and has warned them to monitor their transaction activity.

Meantime, consumers have already begun filing lawsuits over the latest cards breach, in Illinois, Florida and Massachusetts, three of the 20 states where Michael has stores.

Michaels notified customers May 11 that 90 key pads that were tampered with in the states of Illinois, Colorado, Delaware, Georgia, Iowa, Massachusetts, Maryland, North Carolina, New Hampshire, New Jersey, New Mexico, Nevada, New York, Ohio, Oregon, Pennsylvania, Rhode Island, Utah, Virginia and Washington. Store officials said the exposed PIN pad transactions occurred from Feb. 8 through May 6, when the tampered devices were disabled.


For reprint and licensing requests for this article, click here.