Bebe confirms data breach

Bebe (NASDAQ:BEBE) has confirmed a data breach in which hackers stole customer card data from nationwide stores over the course of several weeks in November.

News of a possible breach at the women's clothing chain was first reported on the Krebs on Security blog last week. The blog reported that several banks had complained about a pattern of fraudulent charges on customer credit cards that had all been used at Bebe locations across the country.

According to Bebe, an investigation indicates that the breach impacted payment cards swiped in stores between Nov. 8 and Nov. 26. Stores in the United States, Puerto Rico and the U.S. Virgin Islands were affected and data may include cardholder names, account numbers, expiration dates and verification codes, reported Krebs on Security.

Purchases made online or in an international store were not affected.

"Our relationship with our customers is of the highest importance," said Bebe CEO Jim Wiggett. "We moved quickly to block this attack and have taken steps to further enhance our security measures."

Bebe is offering customers impacted by the breach credit monitoring services for one year.

Bebe's CEO Jim Wiggett has been focusing on moving the brand forward with technology as the retailer's latest quarterly sales decreased almost 9 percent.

*This story originally appeared in FierceRetailIT's sister publication, FierceRetail.

For more:
-See this Bebe press release
-See this Krebs on Security blog post

Related stories:
Possible Bebe data breach
FBI issues malware alert
Asset management critical to IT security
Shoppers don't feel safe, demand to be compensated for security breaches
Retail security still very much under attack