Clothing giant Brooks Brothers hit by year-long credit card data breach

A credit card breach at Brooks Brothers took a year to get under control, according to a data breach notification filed this week.

The New York City-headquartered clothing giant said in the advisory that a hacker obtained the credit card details of customers who visited any of the hundreds of stores in the US and Puerto Rico affected by the breach.

That includes the name, card number, expiration date, and verification code, according to the advisory -- more than enough information to make online payments.

The company said that the hacker installed malware on the point-of-sale devices used to process payments in-store between April 2016 and March 2017. The company's website remains unaffected by the breach.

A spokesperson for Brooks Brothers would not say how many customers were affected. A list on the company's website points to 223 retail locations affected by the breach, including in California, New York, Texas, Ohio, and Michigan.

In a statement, the company confirmed that the issue "has been resolved and is no longer impacting transactions."

"Once we learned of this incident, we took immediate action including initiating an internal review, engaging independent forensic experts to assist us in the investigation and remediation of our systems and alerting law enforcement," said the statement.

ZDNET INVESTIGATIONS

Researchers say a breathalyzer has flaws, casting doubt on countless convictions

Lawsuits threaten infosec research — just when we need it most

NSA's Ragtime program targets Americans, leaked files show

Leaked TSA documents reveal New York airport's wave of security lapses

US government pushed tech firms to hand over source code

Millions of Verizon customer records exposed in security lapse

Meet the shadowy tech brokers that deliver your data to the NSA

Inside the global terror watchlist that secretly shadows millions

198 million Americans hit by 'largest ever' voter records leak

Britain has passed the 'most extreme surveillance law ever passed in a democracy'

Microsoft says 'no known ransomware' runs on Windows 10 S — so we tried to hack it

Leaked document reveals UK plans for wider internet surveillance

• Researchers say a breathalyzer has flaws, casting doubt on countless convictions
• Lawsuits threaten infosec research — just when we need it most
• NSA's Ragtime program targets Americans, leaked files show
• Leaked TSA documents reveal New York airport's wave of security lapses
• US government pushed tech firms to hand over source code
• Millions of Verizon customer records exposed in security lapse
• Meet the shadowy tech brokers that deliver your data to the NSA
• Inside the global terror watchlist that secretly shadows millions
• 198 million Americans hit by 'largest ever' voter records leak
• Britain has passed the 'most extreme surveillance law ever passed in a democracy'
• Microsoft says 'no known ransomware' runs on Windows 10 S — so we tried to hack it
• Leaked document reveals UK plans for wider internet surveillance