Sally Beauty Holdings Inc. on Thursday confirmed an “illegal intrusion” into its payment card system has occurred.
The Denton, Texas-based retailer announced last week that it was investigating the activity.
“We believe it is in the best interests of our customers to alert them that we now have sufficient evidence to confirm that an illegal intrusion into our payment card systems has indeed occurred. However, we will not speculate on the scope of the intrusion as our forensics investigation is still underway,” Sally Beauty President and CEO Chris Brickman said in a statement. “We are working diligently to address the issue and to care for any customers who may have been affected by the incident.”
A company spokesman said the firm cannot provide any additional information at this time.
The chain had also reported in March 2014 a data breach that affected records of fewer than 25,000 cardholders.
More than 90% of firms participating in a health care data security study have had a data breach, and 40% have had more than five, over the past two years, according to a study by the Ponemon Institute L.L.C.