Have you wandered the aisles of Best Buy or Kmart within the past year? You might want to check your credit card accounts: Thanks to a security issue with customer service software (basically, an online chat tool) used by several big-name companies, thousands of shoppers may have had their names, addresses, and credit information stolen by hackers.
Just one day after Delta Air Lines and Sears confirmed that their customers may have been affected by the recent data breach, Best Buy and Kmart released statements about the technical transgression as well. The firm that provides the online chat tool, 7.ai, said that the hack — which happened between September 27 and October 12 of 2017 — "may have compromised certain customer payment information." The scarier part? Customers who didn't even use the online chat tool, but simply made purchases online, may be affected by the breach, as well.
Instead of panicking, visit the websites each company has set up to help consumers who believe they may have been impacted find out what steps they should take next.
Delta Air Lines
Delta Air Lines released an official statement about the breach in March. The company updated its statement on April 7, 2018, reassuring customers that no personal information — such as passport, government ID, security, or SkyMiles information — was impacted. To further help its customers, Delta is offering fliers the opportunity to enroll in a free protection service provided by AllClear ID, a customer security and fraud protection firm.
The services include AllClear Identity Repair and AllClear Fraud Alerts with Credit Monitoring. Both are completely free and are available any time during the next 24 months. To enroll in AllClear Fraud Alerts with Credit Monitoring, visit www.delta.allclearid.com.
Sears and Kmart
Sears Holdings — the owner of both Kmart and Sears — released a statement ensuring customers that the breach was limited to Sears.com and Kmart.com, and only in the timeframe between September 27, 2017 and October 12, 2017. Consumers who used a Sears-branded credit card or who had a saved card to their Sears.com or Kmart.com profile, were not affected.
In hopes of easing everyone's mind, Sears Holdings created a website of FAQs and a toll-free hotline. For more information about the breach, please visit www.searsholdings.com/update or call 888-488-5978.
Best Buy has remained surprisingly calm during this fiasco, stating that only "a small fraction" of its online customer population could have been affected in the incident. Even so, the company has made it clear that its customers' privacy is of the utmost importance. In response to the hack, Best Buy released a website where customers can ask questions or address any concerns.
If you think you've been impacted by the 7.ai breach, call your bank to report the fraudulent charges immediately. Remember to check your statements and be on the lookout for strange activity. To be on the safe side, request a brand-new card and destroy the old one.