BRISBANE, Calif.—Bebe Stores has reportedly become the latest retailer to be breached by cyber-thieves.
KrebsOnSecurity, which was the first to report a number of high-profile breaches and in some cases the first to inform the retailers themselves, said evidence it has gathered “suggests” that credit and debit card data has been stolen from Bebe Stores. The company operates approximately 200 women’s clothing stores nationally.
KrebsOnSecurity said it has based its conclusion on patterns of fraudulent activity that some banks have been reporting on customers’ credit and debit cards, with the one commonality being all had been recently used at Bebe stores.
KrebsOnSecurity further reported that the cards were being sold on a cybercrime site called Goodshop on which data was being sold for $10 to $27 per card.
KrebsOnSecurity said it was unsure whether the breach has been stopped or whether it is ongoing.
Both CUNA and NAFCU have been highlighting the retailer breaches in meetings and correspondence with Congress to demand legislation that would hold the retailers responsible for costs related to such breaches.