The Buckle warns of data security incident
The Buckle issued the following statement Friday: "We became aware that The Buckle, Inc. was a victim of a security incident in which a criminal entity accessed some guest credit card information following purchases at some of our retail stores. We immediately launched a thorough investigation and engaged leading third-party forensic experts to review our systems and secure the affected part of our network. Through that investigation we learned that our store payment data systems were infected with a form of malicious code, which was quickly removed. Based on the forensic investigation, we believe that no social security numbers, email addresses or physical addresses were obtained by those criminally responsible. There is also no evidence that the buckle.com website or buckle.com guests were impacted. All Buckle stores had EMV -- "chip card" -- technology enabled during the time that the incident occurred and we believe the exposure of cardholder data that can be used to create counterfeit cards is limited. However, it is possible that certain credit card numbers may have been compromised... We are cooperating fully with card brands and forensic investigation services."