Brooks Brothers acknowledged on Friday that a data breach had affected some of its retail locations in the U.S. and Puerto Rico over 11 months from April 2016 to March 2017, according to a company press release.
The company said some customer payment card information was collected by malicious software that had been installed on some of its payment processing systems at the locations in questions — both Brooks Brothers and Brooks Brothers Outlet stores. Compromised information may have included card names, payment card account numbers, card expiration dates and card verification codes, but not sensitive personal information such as Social Security numbers or customer addresses, the company said.
The men's apparel retailer, which has more than 400 stores worldwide, said it had hired independent forensic experts and alerted law enforcement after being informed of the breach. "While we are continuing to review and enhance our security measures moving forward to help prevent a future incident, we can confirm that this issue has been resolved and is no longer impacting transactions," the company said in a statement.