Following the back-to-back data breach announcements from Under Armour and Hudson Bay Co. (parent to Saks Fifth Ave. and Lord & Taylor), Sears Holdings Corp, owner of K-mart and Sears department stores, has become the latest retailer to face a cybersecurity issue.
According to a company statement, the issue affected fewer than 100,000 of its shoppers.
On Wednesday, the department store chain informed customers that software service provider 7.ai notified Sears about a data security incident last fall involving the unauthorized access of customers’ personal data and payment information, including names, addresses and credit card numbers.
“As soon as they informed us in mid-March 2018, we immediately notified the credit card companies to prevent potential fraud, and launched a thorough investigation with federal law enforcement authorities, our banking partners and IT security firms,” the company explained in the statement.
Specifically, shoppers who completed a transaction on the Sears website between September 27, 2017 and October 12, 2017 might have been negatively impacted. Sears indicated that its stores were not compromised and internal systems were not accessed in the breach. Those who used a Sears-branded credit card are also in the clear, according to the company.
“Data security is of critical importance to our company, and we take any matter related to customer’s personal information very seriously,” the company said. “Our top priority at this point is to quickly identify the impacted customers, notify and assist them in every way possible.”
A hotline for customer concerns will be established by 10 a.m. Friday. The data breach also affected Delta Air Lines, which learned about the security issue on March 28 and informed customers that personal details related to passport, government ID, security and SkyMiles were not compromised.
How to Keep Your Information Safe After the Saks, Lord & Taylor, Under Armour Data Hacks