Delta, Sears, Kmart data breach: Customer payment info possibly compromised in cyberattack


Update Apr 5, 2018 3:45 PM EDT: In addition to Delta Airlines, Sears Holdings announced that customer data from Sears and Kmart stores, including names, addresses and credit card numbers, may have been exposed during a security breach last fall.

>> Read more trending news 

Sears Holdings uses the same online chat service as Delta, [24]7.ai, and said in a statement posted on its website that it believes fewer than 100,000 customers were affected by the breach.

“As soon as [24]7.ai informed us in mid-March 2018, we immediately notified the credit card companies to prevent potential fraud, and launched a thorough investigation with federal law enforcement authorities, our banking partners, and IT security firms,” company officials said.

Sears Holdings said the credit card information of customers making purchases online between Sept. 27, 2017 and Oct. 12, 2017, may have been compromised, but that anyone using a Sears credit card was not affected.

The company said there’s no evidence its stores were compromised or that Sears’ internal data bases were compromised.

Sears Holdings is establishing a hotline for customers to find out more about the breach by Friday.

(Previous story)

Atlanta-based Delta Air Lines is the latest victim of a cyber incident.

>> Watch the news report here

Delta announced Wednesday that a "small subset" of customers may have had their payment information compromised online.

"(I’m) a little uneasy. I think they'll take care of it, so it will be OK, but the first gut reaction is a little nerve-racking," traveler Nicole Ladin told WSB-TV's Carl Willis at Hartsfield-Jackson International Airport, Delta's main hub. 

>> Visit WSBTV.com for the latest on this developing story

According to Delta, [24]7.ai, an online chat service they use, was hacked from Sept. 26 to Oct. 12 of last year, and payment information may have been compromised.

Delta said the airline was notified about the breach last Wednesday.

"It's just ... I think they have to make it 100 percent, to make it work 100 percent," traveler Marquise Bishop said.

Delta said the company will launch a special webpage at Delta.com/response at noon Thursday to address customer questions and concerns.

>> Read more trending news 

The airline also will start directly contacting customers who may have been impacted and ensure that customers are not responsible for any fraudulent payment card activity that may have happened.

Ladin told Willis that her mind will still be on her wallet as she flies home.

"Especially when you're a frequent flier. It gets a little nervous that that information has been leaked," Ladin said.

Here's is Delta's full statement about the cyber incident: 

"Last week, on March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber incident. It is our understanding that the incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017, and that during this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed – but no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.

"Upon being notified of [24]7.ai's incident, Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system. We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by [24]7.ai last October. At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised.

"We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers' information is of critical importance to us and a responsibility we take extremely seriously. Delta will launch delta.com/response, a dedicated website, noon ET April 5, which we will update regularly to address customer questions and concerns. We will also directly contact customers who may have been impacted by the [24]7.ai cyber incident. In the event any of our customers' payment cards were used fraudulently as a result of the [24]7.ai cyber incident, we will ensure our customers are not responsible for that activity."

>> Click here for more information from [24]7.ai


Reader Comments ...


Next Up in Nation World

Man tries to hire hitman to kill ex-wife for $10,000, Hawks tickets
Man tries to hire hitman to kill ex-wife for $10,000, Hawks tickets

An Acworth inmate promised $10,000 and two Atlanta Hawks tickets to anyone who would kill his ex-wife and her current boyfriend. Word got around, including to an FBI informant. >> Read more trending news  Michael Lawrence Dane McEarchern, 29, was sentenced to 10 years in prison Monday, according to federal court documents. McEarchern was...
Atlanta mayor racks up nearly $12,000 in limousine tab in less than 5 months
Atlanta mayor racks up nearly $12,000 in limousine tab in less than 5 months

Atlanta Mayor Keisha Lance Bottoms has spent nearly $12,000 of taxpayer money on limousines in just five months, according to an investigation by WSB-TV and the  Atlanta Journal-Constitution and AJC.com. >> Read more trending news  An Atlanta City Hall spokesperson said that you can’t put a price tag on the mayor’s...
Parents file lawsuit after daughter drowns when she’s swept over dangerous dam while kayaking
Parents file lawsuit after daughter drowns when she’s swept over dangerous dam while kayaking

The parents of a kayaker who drowned after she was swept over a dam on the Ohio River last year are suing the U.S. Army Corps of Engineers. >> Read more trending news  Brittany Evans and Helene Brandy, both 25 years old, were killed when they went over the Dashields Dam in May of 2017.  The dam is located along the Ohio River...
Video shows black bear snarfing down family’s picnic in Georgia
Video shows black bear snarfing down family’s picnic in Georgia

A bear made a beeline for a picnic table in Pickens County, Georgia. The incident was caught on camera, WSB-TV reported. Video shows black bear snarfing down family’s picnic in Georgia. The large female black bear can be seen in the video climbing onto the picnic table and grabbing a package of hot dogs buns at the Big Canoe community in...
Mystery of glamorous Goodwill slides solved, family located in Midwest
Mystery of glamorous Goodwill slides solved, family located in Midwest

Their story has captivated the world. A metro Atlanta mom shopping at a local Goodwill happened upon their trove of memories. Eager to reunite the treasures with their owners, she sent a modern-day message in a bottle - a Facebook post - onto the roaring seas of social media.  >> Read more trending news   A story in The Atlanta...
More Stories