In its most recent filing with the Securities and Exchange Commission (SEC), Fred’s Inc. disclosed this week that a security firm found malware in its system that was designed to lift customer credit card information. Although it appears from reports that the hackers may have had access to customer credit card information, the security firm did not find any evidence that the credit card information actually left Fred’s system. There is no indication that Fred’s has notified any customers of the incident.

Nonetheless, Fred’s indicated in its SEC filing that it is unable to estimate the cost of the breach, and that it may incur future liabilities if it has to reimburse credit card companies for costs and in the event that litigation ensues.