Smart SpendingSmart Spending

Debit card readers compromised at Michaels stores

Customers who used a debit card at these stores should immediately contact their bank.

By MSN Money Partner May 12, 2011 11:39AM

This post comes from Mark Huffman at partner site


Michaels, a chain of craft stores, said debit card readers at 80 of its stores in 20 states show signs of tampering. That means consumers who used debit cards in those stores may have exposed their bank information to criminals.


Michaels said the 80 stores are located in Colorado, Delaware, Georgia, Illinois, Iowa, Massachusetts, Maryland, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, Utah, Virginia and Washington. You can find a complete list of the stores here (.pdf file). Post continues after video.

Consumers who have recently used debit cards at a Michaels store in the above states should immediately contact their bank's fraud department and report it. By issuing a new card and PIN, the bank may be able to thwart attempts to break into consumers' bank accounts. Michaels said customers who used credit cards should monitor their statements for fraudulent transactions.

The company said the compromised swipe pads have been removed and it will replace all 7,200 of its debit card keypads at all its stores. While the transition is taking place over the next two weeks, stores will accept only cash, credit cards or signature-based debit cards.


Criminal access to debit card data is much more dangerous than access to credit cards. With information from debit cards, crooks can empty a bank account. With credit card data, they can only make purchases, which the credit card company can disallow once they are shown to be fraudulent.


Electronic transactions have raised potential fraud to a whole new level in recent years. Keypad skimmers have become more common at gas pumps and ATMs. A skimmer is a keypad device that is placed over the real keypad by a scammer. The device captures the consumer's debit card information and PIN when they are entered.

It's not clear how the Michaels keypads were compromised, because neither the store nor the police are providing any details.


Security experts say keypads could have been replaced with skimmers by criminals posing as repair personnel. It's also possible the pads weren't replaced at all, but the network that linked them together was infected by malware, allowing the thieves to effectively take control of the devices.


More on and MSN Money:



Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


Smart Spending brings you the best money-saving tips from MSN Money and the rest of the Web. Join the conversation on Facebook and follow us on Twitter.