Sally Beauty Investigating Possible Data Breach

Sally Beauty Holdings Inc. on Monday said it is investigating reports of unusual activity involving payment cards at some stores, a year after disclosing a breach that affected more than 25,000 customer records.

The Texas-based retailer said it has been working with law enforcement and its credit-card processor but until the investigation is complete, "it is difficult to determine with certainty the scope or nature of any potential incident."

Last March, Sally Beauty reported an attempted data breach that it later determined to have affected more customers than initially estimated. The company said at the time that it believed it had shut down the attack.

A spokesman for the company confirmed that the investigation announced Monday is a new potential breach of card data.

The possible breach follows a string of high-profile incidents over the past few years. Target's 2013 breach, which compromised 40 million credit- and debit-card accounts, has led to renewed calls for merchants to upgrade their checkout terminals to accept cards that are embedded with computer chips that are more difficult for thieves to replicate.

Merchants face an October deadline to upgrade their equipment, as fraud liability will shift from banks to merchants under certain circumstances.