Department store chain Sears Holding Corp and Delta Air Lines Inc said on Wednesday some of their customer payment information may have been exposed in a cyber security breach at software service provider [ 24]7.ai.
Sears said it was notified of the incident in mid-March and the incident led to unauthorized access to the credit card information of under 100,000 of its customers.
Technology firm [ 24]7.ai, which provides online support services for Delta, Sears and Kmart among other companies, found that a cyber security incident affected online customer payment information of its clients, it said.
The incident happened on or after Sept. 26, 2017 last year and was found and resolved on Oct. 12, the company said.
Delta says only “a small subset” of customers were affected, with payment information exposed. It says no other personal details about customers, such as their passport, security or frequent-flyer account information, was affected.
The No.2 U.S. carrier said while a small number of its customers would have had their information exposed, it cannot be said with certainty if their information was accessed and compromised.
Sears said its stores were not compromised and their internal systems were not accessed in the breach. There was no impact on the information of customers using a Sears-branded credit card, the retailer said.
© Thomson Reuters 2018, with a file from the Associated Press