According to Michaels Stores, the breach apparently took place between the 8th of May 2013 to the 27th of January 2014. The company estimates that 2.6 million cards might have been affected. While this is a huge number, it only constitutes to about 7% of the payment cards used at its stores during the period, so not all of Michaels Stores’ customers are affected.
The company also claims that data such as customers’ names or personal identification numbers were at risk, but we guess it doesn’t hurt for you to change it anyway, just to be on the safe side of things. The malware that allowed the breach has since been dealt with and the company is working with law enforcement officials, banks, and payment processors to ensure that nothing is amiss.
For customers who have been affected by this breach, Michaels Stores has announced that they will be providing them with fraud monitoring and identity protection services. This isn’t the first time that the company has been breached and it joins other companies such as Target and LaCie who have recently experienced similar breaches themselves.