Security Experts:

Major Retailer Suffers System Intrusion - Payment Systems Compromised

Genesco Inc, a specialty retailer of branded footwear and other products, today announced that the computer network that processes its payment card transactions in the United States has been hacked, in what the company is calling a “criminal intrusion.” Genesco operates more than 2,225 footwear and headwear retail stores in the United States, Puerto Rico and Canada, principally under the names Journeys, Journeys Kidz, Shi by Journeys, Underground Station, Johnston & Murphy, Hatworld, Lids, Lids Kids, Hat Shack, Hat Zone, Cap Connection and Head Quarters.

The company said it is not aware of the extent of the intrusion yet, but did say that the systems that process payment transactions for its United States Journeys, Journeys Kidz, Shi by Journeys and Johnston & Murphy stores, and for some of its Underground Station stores have been compromised.

Related Content: Buena Vista University Data BreachHackers

The company believes the intrusion has been contained and is conducting a full investigation with the help of an outside expert to seek to determine the extent of any possible compromise of customer information that occurred in the intrusion.

The company warned that credit or debit card numbers, expiration date and card verification code contained on the magnetic stripe of some payment cards used at stores in the affected chains may have been by the hacker(s). Genesco didn’t provide any detail as to the possible number of records compromised.

Below is a letter from Genesco Chairman, President and Chief Executive Officer Robert J. DennisA Message From Genesco CEO Robert J. Dennis

December 10, 2010 Dear Customer:

Genesco recently became aware of a criminal intrusion into the portion of its computer network that processes payment card transactions for its United States Journeys, Journeys Kidz, Shi by Journeys and Johnston & Murphy stores, and for some of its Underground Station stores. Immediately upon learning of the intrusion, we took steps to secure the affected part of our network. We believe that the intrusion has been contained and are confident that our customers can safely use their credit and debit cards in all of our stores.

The Company has notified law enforcement authorities and is cooperating in law enforcement's efforts to identify those responsible for the intrusion. The Company has also notified the major card brands of the intrusion.

The extent of the intrusion is not known at this time. The Company is continuing to investigate the intrusion, with the assistance of an outside expert, in an effort to determine the extent of any possible compromise of customer information. It is possible that the credit or debit card number, expiration date and card verification code contained on the magnetic stripe of some payment cards used at the chains mentioned above may have been acquired without authorization during the intrusion. We currently have no reason to believe that personal information, such as names, addresses or Social Security numbers, was acquired by the intruder.

We recommend that customers review their card statements and other account information carefully and immediately notify their card issuer if they suspect fraudulent use. Because we have no reason to believe customers' personal information was compromised, we do not believe that identify theft is likely as a consequence of the intrusion. Nonetheless, we are providing the Reference Guide below, which details some steps you can take to protect your personal information. For more information or with questions, please call our Customer Information Center at (877) 441-2998 or write to me at 1415 Murfreesboro Road, Suite 490, Nashville, TN 37217.

We sincerely regret any inconvenience this attack on our network may cause you. As always, we appreciate your choosing to shop in our stores.

Sincerely,

Robert J. Dennis

Chairman, President and Chief Executive Officer Genesco Inc.

view counter