Delta, Sears, Kmart data breach: Customer payment info possibly compromised in cyberattack

April 05, 2018
  • By Carl Willis, WSBTV.com

Update Apr 5, 2018 3:45 PM EDT: In addition to Delta Airlines, Sears Holdings announced that customer data from Sears and Kmart stores, including names, addresses and credit card numbers, may have been exposed during a security breach last fall.

>> Read more trending news 

Sears Holdings uses the same online chat service as Delta, [24]7.ai, and said in a statement posted on its website that it believes fewer than 100,000 customers were affected by the breach.

“As soon as [24]7.ai informed us in mid-March 2018, we immediately notified the credit card companies to prevent potential fraud, and launched a thorough investigation with federal law enforcement authorities, our banking partners, and IT security firms,” company officials said.

Sears Holdings said the credit card information of customers making purchases online between Sept. 27, 2017 and Oct. 12, 2017, may have been compromised, but that anyone using a Sears credit card was not affected.

The company said there’s no evidence its stores were compromised or that Sears’ internal data bases were compromised.

Sears Holdings is establishing a hotline for customers to find out more about the breach by Friday.

(Previous story)

Atlanta-based Delta Air Lines is the latest victim of a cyber incident.

>> Watch the news report here

Delta announced Wednesday that a "small subset" of customers may have had their payment information compromised online.

"(I’m) a little uneasy. I think they'll take care of it, so it will be OK, but the first gut reaction is a little nerve-racking," traveler Nicole Ladin told WSB-TV's Carl Willis at Hartsfield-Jackson International Airport, Delta's main hub. 

>> Visit WSBTV.com for the latest on this developing story

According to Delta, [24]7.ai, an online chat service they use, was hacked from Sept. 26 to Oct. 12 of last year, and payment information may have been compromised.

Delta said the airline was notified about the breach last Wednesday.

"It's just ... I think they have to make it 100 percent, to make it work 100 percent," traveler Marquise Bishop said.

Delta said the company will launch a special webpage at Delta.com/response at noon Thursday to address customer questions and concerns.

>> Read more trending news 

The airline also will start directly contacting customers who may have been impacted and ensure that customers are not responsible for any fraudulent payment card activity that may have happened.

Ladin told Willis that her mind will still be on her wallet as she flies home.

"Especially when you're a frequent flier. It gets a little nervous that that information has been leaked," Ladin said.

Here's is Delta's full statement about the cyber incident: 

"Last week, on March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber incident. It is our understanding that the incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017, and that during this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed – but no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.

"Upon being notified of [24]7.ai's incident, Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system. We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by [24]7.ai last October. At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised.

"We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers' information is of critical importance to us and a responsibility we take extremely seriously. Delta will launch delta.com/response, a dedicated website, noon ET April 5, which we will update regularly to address customer questions and concerns. We will also directly contact customers who may have been impacted by the [24]7.ai cyber incident. In the event any of our customers' payment cards were used fraudulently as a result of the [24]7.ai cyber incident, we will ensure our customers are not responsible for that activity."

>> Click here for more information from [24]7.ai