
Delta and Sears have been attacked. Elizabeth Keatinge (@elizkeatinge) has more.
Keeping customer information safe from hackers and threat actors is a tall order for companies nowadays. Their data is always under attack from cybercriminals waiting for that right software hole to exploit, hoping for one big payday.
But it’s not just the companies themselves who need to shore up their data security. The corporate world is filled with partnerships, connections, networks, and vendors that handle sensitive personal data as well. Just last month, a Walmart partner exposed the data of 1.3 million customers. Yikes!
This time around, however, customer information from not just one, but two major companies have been breached due to a third-party software partner malware attack. Read on and see if you’re affected.
Software partner breach led to data theft
On Thursday, Sears Holding Corp. and Delta Air Lines Inc. revealed that the payment information of hundreds of thousands of their online customers may have been exposed. Who’s the culprit?
Well, apparently a software service provider called [24]7 suffered a malware attack on or after Sept. 26, 2017, and hackers got away with the credit card numbers, CVV numbers, expiration dates, names, and addresses of around 100,000 customers (and potentially hundreds of thousands more). The incident was resolved two weeks later, on October 12, 2017.
[24]7 provides online chat and support services for a number of companies like Delta, Sears, and Kmart. In an official statement, [24]7 said that it has notified Sears in mid-March of this year and the incident is already being investigated.It’s still unclear why [24]7 decided to wait for more than five months before informing the affected companies about the data breach.