Irving, Texas -- Michaels said on Friday it has removed the PIN pad tampering threat from its U.S. stores and believes it has identified the time frame that customer information was exposed. Based on the latest information available, exposed PIN pad transactions occurred from Feb. 8 through May 6, the date Michaels disabled the tampered devices.
"We are confident Michaels is a safe place to shop," said Michaels CEO John Menzer. "We want to express how deeply we regret any issues experienced by our loyal customers who have been affected in any way, and thank all our customers for their support."
Though the investigation is ongoing, as of May 12, fewer than 100 customer PIN debit cards have been reported used in fraudulent transactions. While credit-card information may also have been exposed during that time frame, law enforcement officials have not received any reports of related credit-card fraud, the retailer said.
Michaels continues to work closely with payment card brands and issuers to identify the accounts that may have been compromised so issuers can employ enhanced fraud security measures immediately on potentially impacted accounts. In addition, the company is assisting federal and state law enforcement authorities to help find the persons responsible for the crimes.