UPDATED 15:12 EST / APRIL 05 2018

INFRA

Data breach exposes Delta and Sears customers’ credit card details

A breach at a software provider has compromised the credit card information of numerous Delta Air Lines Inc. and Sears Holding Corp. customers, according to the two companies.

The outside provider in question is [24]7.ai Inc., which sells tools for managing contact center operations. According to a statement issued by Delta today, several hundred thousand flyers may have been affected. Sears, in turn, said that fewer than 100,000 customers are affected.

The two companies shared some information about the breach in their respective announcements. Sears said that it was notified by [24]7.ai in mid-March about an incident that the latter firm claimed took place from Sept. 27 to Oct. 12 of last year. Delta went into more detail, specifying that the customer service provider’s systems were infected with malware designed to steal payment information.

According to the airline, the attackers had access only to credit card details that customers typed in manually while purchasing tickets online. Delta said flyers who used its Delta Wallet application to enter the information automatically weren’t affected.

As for the stolen information, the airline said the malware compromised user addresses, card numbers, CVV numbers and card expiration dates. Sears didn’t specify what data was exposed about its customers, but it’s reasonable to assume the same details were involved, given the common source of the breach.

The breach at [24]7.ai is the latest in a string of high-profile cyberattacks that have come to light recently. Just a week ago, Under Armour Inc. revealed that hackers had stolen account details belonging to 150 million users of its popular MyFitnessPal diet tracking app. A few days before that, Expedia Inc. disclosed a security incident at its Orbitz travel booking site that may have compromised the payment information of as many as 880,000 customers.

Both Delta and Sears have committed to contacting users whose information may have been stolen in the breach.

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU