[BreachExchange] Sears Holding, Delta Air hit by customer data breach at tech firm

[Inga Goddijn]

https://www.reuters.com/article/us-delta-air-cyber-24-7-ai/sears-holding-delta-air-hit-by-customer-data-breach-at-tech-firm-idUSKCN1HC089

Department store chain Sears Holding Corp (SHLD.O) and Delta Air Lines Inc
(DAL.N) said on Wednesday some of their customer payment information may
have been exposed in a cyber security breach at software service provider [
24]7.ai.

Sears said it was notified of the incident in mid-March and the incident
led to unauthorized access to the credit card information of under 100,000
of its customers.

Technology firm [ 24]7.ai, which provides online support services for
Delta, Sears and Kmart among other companies, found that a cyber security
incident affected online customer payment information of its clients, it
said.

The incident happened on or after Sept. 26, 2017 last year and was found
and resolved on Oct. 12, the company said.

Personal details related to passport, government identification, security
and SkyMiles information were not impacted, Delta said.

The No.2 U.S. carrier said while a small subset of its customers would have
had their information exposed, it cannot be said with certainty if their
information was accessed and compromised.

Sears said its stores were not compromised and their internal systems were
not accessed in the breach. There was no impact on the information of
customers using a Sears-branded credit card, the retailer said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180405/d54646e7/attachment.html>