Delta and Sears said today that a data breach may have leaked credit card information from hundreds of thousands of customers, as reported by Reuters for the first time. The breach occurred at an online support services company,  7, which drives the Delta and Sears online chat platforms.
Last year,  7 suffered a malware attack from September 27 through October 12, but the company only informed Sears and Delta in mid-March of this year about the violation, according to Sears. Delta said in a statement that "it is our understanding" that the incident occurred on September 16 last year. Customers who made online purchases of Sears and Delta during that period of time may have had their credit card information compromised.
Sears calculated that "less than 100,000 of our customers' credit card information" was affected and that Sears brand credit cards were not affected by the breach. He also said there was no evidence that the hackers had accessed the Sears internal systems. Delta said: "At this point, although only a small subset of our customers would have been exposed, we can not say definitively if we accessed the information of any of our clients or were subsequently compromised." He noted that passports and government IDs were not accessed.
Currently, federal law enforcement authorities, banks and IT security firms are investigating the violation, Sears said. Sears will begin a direct line for customer inquiries before Friday morning and Delta has opened delta.com/response, a site for customer concerns. We have contacted Delta and  7 and will update this article when we receive a response.
Last week, Saks Fifth Avenue and Lord & Taylor announced that they had been affected by a data breach that compromised five million credit and debit card numbers recorded by in-store transactions.