Malware has been siphoning off payment card details.
Naked Security explains:
Malware installed at point-of-sale (POS) systems has been stealing credit card data out of Brooks Brothers for a year, the clothing giant said in a breach advisory.
The New York-based retailer says that it only found out about the incident recently. It says that an “extensive” forensic investigation points to an unauthorized individual gaining access to and installing malicious software designed to capture payment card information on some payment processing systems at retail and outlet locations.
Hundreds of stores in the US and Puerto Rico have been affected. Brooks Brothers has published a searchable list of 223 affected locations.
Between April 2016 and March 2017, the POS malware was siphoning off customers’ names, card numbers, expiration dates, and verification codes: all the information necessary to make fraudulent online payments.