Best Buy and Sears Caught Up in Same Data Breach
Best Buy said some of its customers' credit card information may have been compromised in a data breach that also hit Sears and Delta Air Lines. The companies use 7.ai to provide chat services for customers.
7.ai said it "discovered and contained" an incident potentially affecting the online customer payment information of a small number of its client companies. The incident began on Sept. 26, and was discovered and contained on Oct. 12, 2017.
"We have notified law enforcement and are cooperating fully to ensure the protection of our clients and their customers' online safety," the company said in a statement. "We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed."
Best Buy said in a blog, " As best we can tell, only a small fraction of our overall online customer population could have been caught up in this 7.ai incident, whether or not they used the chat function."
Sears said it was notified of the incident in mid-March and the incident led to unauthorized access to the credit card information of under 100,000 of its customers.
Airline company Delta was also caught up in the breach, and said it was notified on March 28, by 7.ai that it had been involved in a cyber incident. The company said certain customer payment information may have been accessed – but no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.
"At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised," the company said in a press release.