Delta, Sears, Kmart data breach: Customer payment info possibly compromised in cyberattack


Update Apr 5, 2018 3:45 PM EDT: In addition to Delta Airlines, Sears Holdings announced that customer data from Sears and Kmart stores, including names, addresses and credit card numbers, may have been exposed during a security breach last fall.

>> Read more trending news 

Sears Holdings uses the same online chat service as Delta, [24]7.ai, and said in a statement posted on its website that it believes fewer than 100,000 customers were affected by the breach.

“As soon as [24]7.ai informed us in mid-March 2018, we immediately notified the credit card companies to prevent potential fraud, and launched a thorough investigation with federal law enforcement authorities, our banking partners, and IT security firms,” company officials said.

Sears Holdings said the credit card information of customers making purchases online between Sept. 27, 2017 and Oct. 12, 2017, may have been compromised, but that anyone using a Sears credit card was not affected.

The company said there’s no evidence its stores were compromised or that Sears’ internal data bases were compromised.

Sears Holdings is establishing a hotline for customers to find out more about the breach by Friday.

(Previous story)

Atlanta-based Delta Air Lines is the latest victim of a cyber incident.

>> Watch the news report here

Delta announced Wednesday that a "small subset" of customers may have had their payment information compromised online.

"(I’m) a little uneasy. I think they'll take care of it, so it will be OK, but the first gut reaction is a little nerve-racking," traveler Nicole Ladin told WSB-TV's Carl Willis at Hartsfield-Jackson International Airport, Delta's main hub. 

>> Visit WSBTV.com for the latest on this developing story

According to Delta, [24]7.ai, an online chat service they use, was hacked from Sept. 26 to Oct. 12 of last year, and payment information may have been compromised.

Delta said the airline was notified about the breach last Wednesday.

"It's just ... I think they have to make it 100 percent, to make it work 100 percent," traveler Marquise Bishop said.

Delta said the company will launch a special webpage at Delta.com/response at noon Thursday to address customer questions and concerns.

>> Read more trending news 

The airline also will start directly contacting customers who may have been impacted and ensure that customers are not responsible for any fraudulent payment card activity that may have happened.

Ladin told Willis that her mind will still be on her wallet as she flies home.

"Especially when you're a frequent flier. It gets a little nervous that that information has been leaked," Ladin said.

Here's is Delta's full statement about the cyber incident: 

"Last week, on March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber incident. It is our understanding that the incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017, and that during this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed – but no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.

"Upon being notified of [24]7.ai's incident, Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system. We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by [24]7.ai last October. At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised.

"We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers' information is of critical importance to us and a responsibility we take extremely seriously. Delta will launch delta.com/response, a dedicated website, noon ET April 5, which we will update regularly to address customer questions and concerns. We will also directly contact customers who may have been impacted by the [24]7.ai cyber incident. In the event any of our customers' payment cards were used fraudulently as a result of the [24]7.ai cyber incident, we will ensure our customers are not responsible for that activity."

>> Click here for more information from [24]7.ai


Reader Comments ...


Next Up in Nation World

Florida officers escorting Santa bust theft ring
Florida officers escorting Santa bust theft ring

Two Daytona Beach police officers escorting Mr. and Mrs. Claus to a tree lighting ceremony broke up a major theft ring in the parking lot Saturday night, the Police Department said.  >> Read more trending news  Officers Joe Evans and Courtney Wooleyhan were returning to duty, after escorting Santa and Mrs. Claus to the Tanger Outlets...
Tennessee man arrested, charged with raping 16-month-old, officials say
Tennessee man arrested, charged with raping 16-month-old, officials say

A man investigators said raped a 16-month-old child has been taken into custody, officials said Sunday. According to the Tennessee Bureau of Investigations, Simon Porter, 33, has been located and captured in Scottsboro, Alabama. Porter was arrested and charged with aggravated rape.
Stacey Abrams tells Hollywood not to boycott Georgia after Bryan Kemp wins governor's race
Stacey Abrams tells Hollywood not to boycott Georgia after Bryan Kemp wins governor's race

With several celebrities posting on social media that they plan to boycott Georgia after Brian Kemp won the gubernatorial race, his former rival Stacey Abrams implored them not to do so. >> Read more trending news  In a tweet Saturday evening, she wrote, “I appreciate the calls to action, but I ask all of our entertainment industry...
South Vienna students collect food to stock local pantry
South Vienna students collect food to stock local pantry

South Vienna Elementary School has been collecting canned goods and non-perishable items again this year for those in need in Clark and Champaign Counties. BREAKINGWright State settles 3-year federal visa investigation for $1M This is the second year the school has held a food drive for the food pantry at their local church, Nation Chapel United Methodist...
$1.1M roundabout planned at Xenia intersection
$1.1M roundabout planned at Xenia intersection

Roundabouts are becoming a popular alternative to traffic lights at intersections, and plans are underway to install one at a wide four-way stop in a neighborhood northeast of downtown Xenia. The city of Xenia and the Ohio Department of Transportation are working on the final details of the plan for a roundabout to be installed at North Columbus (U...
More Stories