DATA BREACH: Kmart says customer credit card information hacked


Customer credit card information has been hacked from Kmart’s payment system, the company announced in a letter this week.

The retailer became aware of a security incident “involving unauthorized credit card activity” after customer purchases at some stores. The company launched an investigation to review and secure the impacted parts of the store network.

“Our investigation to date indicates our Kmart store payment data systems were infected with a form of malicious code (similar to a computer virus) that was undetectable by current anti-virus systems,” the letter said. “Once aware of the new malicious code, we quickly removed it and contained the event. We are confident that our customers can safely use their credit and debit cards in our retail stores.”

» RELATED: Kmart, Sears stores to close in Ohio

Credit card numbers were compromised by the hack, but Kmart said no personal identifying information – including names, addresses, social security numbers, birth dates and email addresses – was obtained during the hack.

The company does not believe its or Sears customers were impacted or that debit PIN numbers were compromised, according to a letter posted on Kmart’s website by Gareth Glynne, senior vice president of retail operations.

» Are Sears and Kmart closing near you? Company issues somber notice

“Given the criminal nature of this attack, Kmart is continuing to work closely with federal law enforcement authorities, our banking partners, and IT security firms in an ongoing investigation. We are also actively enhancing our defenses in light of this new form of malware. Data security is of critical importance to our company, and we continuously review and improve the safeguards that protect our data in response to changing technology and new threats,” Glynne wrote.

Customers can contact the customer care center at 888-488-5978.

About the Author