retail news in context, analysis with attitude

CNBC reports that Sears and Delta said yesterday that “some of their customer payment information may have been exposed in a cybersecurity breach.”

The breach occurred at a software service provider, [ 24]7.ai, that is used by both companies, and reportedly “led to unauthorized access to the credit card information of under 100,000 of its customers.”

According to the story, “the incident happened on or after Sept. 26, 2017 last year and was found and resolved on Oct. 12,” but Sears said it was not informed of the problem until last month.

While the information was exposed, the story says, there is no evidence that it actually was “accessed and compromised.”

This new breach comes in the same week as reports emerged that Panera Bread has been dealing with a data breach that exposed on its website information about millions of its customers.
KC's View:
Not sure which piece of this story I find more amazing - that it apparently took months for a retailer to be informed of a security breach, or that Sears actually has 100,000 customers.