Airline says payment info of "several hundred thousand customers" potentially exposed; Sears says under 100,000
A cyberattack on a vendor that supplies online chat services to Delta Air Lines ( DAL) potentially exposed payment information involving « several hundred thousand customers, » the carrier said Thursday. Sears ( SHLD) was also hit by a similar breach at the same contractor.
The breach that affected Delta occurred from Sept. 26 to Oct. 12 at a company called [24]7.ai. It let hackers access customer information including names, address, credit card information, CVV numbers and expiration dates, Delta said in a statement.
The contractor notified customers including Delta of the breach last week and said it had « contained » the incident affecting online customer payment information of its clients.
Delta set up a site offering information on the incident, while Sears said it would have a hotline for customers to call set up by Friday morning.
On Wednesday, Sears said it was alerted in mid-March by the same vendor of a security breach that occurred last fall. The incident allowed unauthorized access to less than 100,000 of its customers’ payment-card information, the retailer said.
Both incidents add to the expanding count of companies announcing cyberattacks in recent days that have exposed information on millions of people. Under Armour ( UAA) and Boeing ( BA) are among those have revealed breaches.
