Sears, Delta Air Lines Customer Payment Data Compromised In Breach

A recent breach of [24]7.ai, a company that provides online support services to other companies, has exposed customer payment data, and both Sears and Delta Air Lines customers may have been affected.

Jonathan Weiss / Shutterstock.com

Both Sears and Delta have separately acknowledged their association in the “data security incident.” Both companies agree the incident ended on Oct. 12, 2017 — Sears marks the start date as Sept. 27, 2017, while Delta claims the incident began on Sept. 26. ([24]7.ai also claims the incident began on Sept. 26, so perhaps something else had an effect on Sears’ payment system that caused a slight delay.)

Sears said the incident “involved unauthorized access to less than 100,000 of our customers’ credit card information,” which leads us to believe the number is likely close to 100,000 credit cards. The incident impacted “certain customers” who made online purchases with Sears during that time.

Kmart, Too

Kmart is also part of Sears Holdings, and it appears that its customers were also affected by the incident. Sears notes that customers who used a Sears-branded credit card were not affected.

Delta is less specific in its statement when it comes to how many customers may have been impacted, only stating that “even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised.” The airline noted that only payment information was affected. Other sensitive information — including traveler data such as passports or flight miles — was not compromised.

More To Come?

Sears will be setting up a website for updates, and a hotline for customers by Friday. Delta will also be setting up a dedicated response website which should launch today. Considering that other companies also use [24]7.ai for online support, we’re wondering if more corporate announcements on this specific incident will occur in the near future.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews