Eddie BauerCustomers who visited an Eddie Bauer location in the U.S. or Canada between Jan. 2 and July 17, 2016 should be on alert, as the company admitted in an Aug. 18 press release to an intrusion of its point-of-sale systems at all locations in North America. Upon detection of the malware, Eddie Bauer worked with the FBI, a third-party cyber forensics firm and the payment card companies to remove all malware and investigate the intrusion. According to the press release, the investigation determined that this breach was part of a larger series of attacks on multiple retailers, restaurants and other businesses. As of yet, no link has been verified between this attack and the recently confirmed Oracle MICROS point-of-sale system breach that put more than 330,000 merchants at risk. Keep reading to find out the details you need to know as an Eddie Bauer customer about this breach.

What customer data was at risk during this breach?

Since the malware was installed on point-of-sale systems, payment card information, including cardholder name, payment card number, security code and expiration date, was vulnerable to theft by hackers. Customers who shopped at any of the company’s more than 360 locations in the U.S. and Canada may potentially be at risk, though not all transactions made during the nearly eight-month period of time were affected. It’s important to note that no online transactions performed at the Eddie Bauer website are at risk — only those transactions performed in person.

How is Eddie Bauer protecting its customers?

Following the investigation into the matter, Eddie Bauer says it enhanced and strengthened its security to try and prevent future breaches. It is also notifying customers who may have been affected by the breach. However, since all of its North American locations were possibly impacted, Eddie Bauer is offering complimentary identity protection services to all customers who made returns or purchases during the time period when the breach was underway. This complimentary service is provided through Kroll and lasts 12 months after signup. A page has been set up for Eddie Bauer through Kroll to answer questions that customers might have about the breach and its aftermath.

What else should concerned customers be doing?

If you shopped at Eddie Bauer during the dates mentioned in this post, it’s important to check your payment card billing statements on a regular basis for any unusual transactions. Often, payment card thieves will run a “test” transaction to see whether or not a card still works before taking it for a shopping spree. Catching that initial, often small transaction and notifying your bank or credit card issuer immediately can make a world of difference when it comes to having your payment card information stolen. Additionally, although free identity protection service is a nice gesture, often the services provided en masse during a data breach aren’t quite up to par when it comes to monitoring the Internet black market for your personal information or keeping an eye on your credit reports for suspicious activity. A number of identity theft protection services we review excel at doing all of that and much more, and you can read about them at our identity theft protection reviews.

To get the latest data breach news and tips on how to protect your identity, follow our identity theft protection blog.