(Reuters) – Apparel retailer Buckle Inc said on Friday that credit card information of some of its customers may have been compromised after its payment system was breached by a “criminal entity” following purchases made at some of its stores.
The Kearney, Nebraska-based company said it engaged outside experts to investigate the incident.
Based on the investigation, Buckle said no Social Security numbers, email addresses or physical addresses were obtained by the criminal entity, but certain credit card numbers may have been compromised.
The company said its store payment data systems were infected with a type of malicious code, which was then quickly removed.
“There is also no evidence that the buckle.com website or buckle.com guests were impacted,” the retailer added.
(Reporting by Laharee Chatterjee in Bengaluru; Editing by Leslie Adler)