Sally Beauty investigating unusual credit card activity

Sally Beauty Holdings Inc., which reported more than a year ago that it had been the victim of a cyber breach, said it is investigating new “unusual” payment card activity at some of its U.S. Sally Beauty stores.

The chain reported in March 2014 that a data breach affected records of fewer than 25,000 credit card holders.

In a statement Monday, the beauty supply chain said it has been working with law enforcement and its credit card processor since learning of the reports of unusual activity, and has launched a comprehensive investigation with the help of a third-party forensics expert to gather facts in the matter.

“It is difficult to determine with certainty the scope or nature of any potential incident, but we will continue to work vigilantly to address any potential issue that may affect our customers,” the company said in its statement.

There has been speculation in media reports that the latest incident reflects that the company may have inadequately purged last year’s hackers from its system.

In response to questions on the matter, a spokesman said in a subsequent email that “At this point, it would be too early to speculate beyond what we said in the statement yesterday.”

The Denton, Texas-based firm said it operates 4,900 stores, including about 200 franchise units, throughout the United States and in Canada, Latin America and Europe.