The California Office of the Attorney General reported a data breach involving Michaels Stores, Inc. on January 27, 2014. The breach involved a malware attack that affected approximately 2.6 million payment cards used at Michaels stores between May 8, 2013 and January 27, 2014, and affected approximately 400,000 payment cards at 54 Aaron Brothers stores between June 26, 2013 and February 27, 2014. Compromised information includes payment card numbers and expiration dates, but no personal information like names or addresses was reported as compromised.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-43887
TPRM report: https://www.rankiteo.com/company/michaels-stores-inc-
"id": "mic957072725",
"linkid": "michaels-stores-inc-",
"type": "Cyber Attack",
"date": "5/2013",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 2600000,
'industry': 'Retail',
'name': 'Michaels Stores, Inc.',
'type': 'Retail'},
{'customers_affected': 400000,
'industry': 'Retail',
'name': 'Aaron Brothers',
'type': 'Retail'}],
'attack_vector': 'Malware',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 3000000,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['payment card numbers',
'expiration dates']},
'date_detected': '2014-01-27',
'date_publicly_disclosed': '2014-01-27',
'description': 'A malware attack compromised payment card information at '
'Michaels Stores and Aaron Brothers stores.',
'impact': {'data_compromised': ['payment card numbers', 'expiration dates'],
'payment_information_risk': True},
'references': [{'date_accessed': '2014-01-27',
'source': 'California Office of the Attorney General'}],
'title': 'Michaels Stores Data Breach',
'type': 'Data Breach'}