
Delta and Sears have been attacked. Elizabeth Keatinge (@elizkeatinge) has more.
Keeping customer information safe from hackers and threat actors is a tall order for companies nowadays. Their data is always under attack from cybercriminals waiting for that right software hole to exploit, hoping for one big payday.
But it’s not just the companies themselves who need to shore up their data security. The corporate world is filled with partnerships, connections, networks, and vendors that handle sensitive personal data as well. Just last month, a Walmart partner exposed the data of 1.3 million customers. Yikes!
This time around, however, customer information from not just one, but two major companies have been breached due to a third-party software partner malware attack. Read on and see if you’re affected.
Software partner breach led to data theft
On Thursday, Sears Holding Corp. and Delta Air Lines Inc. revealed that the payment information of hundreds of thousands of their online customers may have been exposed. Who’s the culprit?
Well, apparently a software service provider called [24]7 suffered a malware attack on or after Sept. 26, 2017, and hackers got away with the credit card numbers, CVV numbers, expiration dates, names, and addresses of around 100,000 customers (and potentially hundreds of thousands more). The incident was resolved two weeks later, on October 12, 2017.
[24]7 provides online chat and support services for a number of companies like Delta, Sears, and Kmart. In an official statement, [24]7 said that it has notified Sears in mid-March of this year and the incident is already being investigated.It’s still unclear why [24]7 decided to wait for more than five months before informing the affected companies about the data breach.
Disclaimer
The information contained in South Florida Reporter is for general information purposes only.
The South Florida Reporter assumes no responsibility for errors or omissions in the contents of the Service.
In no event shall the South Florida Reporter be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service. The Company reserves the right to make additions, deletions, or modifications to the contents of the Service at any time without prior notice.
The Company does not warrant that the Service is free of viruses or other harmful components