CALABASAS, Calif., Oct. 31, 2013 /PRNewswire/ -- Over the summer, Harbor Freight Tools' payment processing system was illegally attacked by cyber-criminals. The attack was similar to attacks reported by other national retailers. In response, we immediately engaged a leading cyber-security company to investigate and notices were posted in every store and on our website. We blocked the attack and adopted enhanced security measures to make our systems more secure than ever.
Fortunately, this incident was limited to credit and debit card transactions made in our stores during a relatively short seven week period ( May 6, 2013 to June 30, 2013). Transactions after June 30, 2013 were not affected. For nearly all of these transactions, we believe that the attacker only found "track 2" data—information on the card's magnetic stripe that contains only the card account number, expiration date, and card verification number. For less than 1% of these transactions, the attacker may have found data that also included the cardholder's name.
Because we cannot identify which specific cards or information were actually taken, we are notifying our customers whose cards were used during the May 6, 2013 to June 30, 2013 time frame at each impacted store. For most of those purchases, we do not have sufficient information to identify the name or address of the customer. For those customers that we have addresses for, we began mailing letters to them on October 31. If you used your card in one of our stores during the seven week period and did not receive a letter, you should review the additional information on ways to protect yourself at www.harborfreight.com/protectingcustomers. You also can view a copy of the letter there.
If you see a fraudulent charge on your card, please immediately contact the bank that issued your card. Major credit card companies typically guarantee cardholders will not be responsible for fraudulent charges. Please be on the lookout and review your account statements for any unauthorized activity.