Delta Air Lines, Sears Say They Were Hit by Cyberattack - NBC4 Washington
National & International News
The day’s top national and international news

Delta Air Lines, Sears Say They Were Hit by Cyberattack

Delta says it will make sure customers aren't held responsible if their payment cards were used fraudulently

    processing...

    NEWSLETTERS

    How to Protect Yourself From Hackers

    Thursday's news that Yahoo suffered a hack of 500 million of its user accounts may have many people taking a new look at how to keep their own email accounts and personal information secure. One easy way to protect yourself from hackers is by regularly updating your software. "Hackers are always finding new vulnerabilities to exploit," said Consumer Reports Editor Jerry Beilinson.

    (Published Friday, Sept. 21, 2018)

    Delta Air Lines and department store chain Sears Holding Corp said Wednesday that some of its customers' payment information may have been breached in a cyberattack last fall.

    The companies said the incident involved (24)7.ai, a chat-services provider used by Delta, Sears and other companies.

    Delta says only "a small subset" of customers were affected, with payment information exposed from Sept. 26 to Oct. 12. It says no other personal details about customers, such as their passport, security or frequent-flyer account information, was affected.

    The Atlanta-based airline says (24)7.ai informed it of the breach last week. Delta brought in federal law enforcement and forensic teams and confirmed that the unauthorized access was cut off by October.

    Delta says it will make sure customers aren't held responsible if their payment cards were used fraudulently. It will create a website Thursday to update customers.

    Sears, which said it was made aware of the breach in mid-March, revealed that the incident allowed unauthorized access to credit card information of under 100,000 customers, Reuters reported. 

    The chain said its stores were not compromised and its internal systems were not accessed. It added that customers using Sears-branded credit cards were not affected.

    (24)7.ai, which is based in San Jose, California, said a "small number" of its client companies had their online customer payment information potentially exposed. It said it is confident that its platform is now secure and is working with its clients to determine if any of their customer information was accessed.

    The company says it works with industries ranging from financial services to healthcare and e-commerce.