Vera Bradley (VRA) said it is investigating a potential security breach involving customer data at its retail stores over the summer.
The company said it was informed of a potential issue by law enforcement on Sept. 15. and hired a computer security firm to assess the size and scope of the problem.
The probe found unauthorized access to Vera Bradley’s payment processing system and the installation of a program that looked for payment card data. The program was specifically designed to find track data in the magnetic stripe of a payment card that may contain the card number, cardholder name, expiration date, and internal verification code as the data was being routed through the affected payment systems. There is no indication that other customer information was at risk.
The company didn’t say how many customers have been affected, or whether they had subsequently lost money. It urged customers to regularly review their activity to check for unauthorized transactions. The incident occurred between July 25 and Sept. 23.