Consumer Fraud

Kmart exposed customer credit and debit card information throughout month-long data breach

Kmart logo 210x210 Kmart exposed customer credit and debit card information throughout month long data breachAccording to a recently submitted SEC filing, Kmart, a subsidiary of Sears Holding Corporation, has had an unconfirmed amount of credit card numbers stolen during a month-long data breach. Kmart, which has roughly 1,200 stores across the United States, is just the latest retailer affected in what appears to be the greatest amount of data breaches to occur in a year’s time.

Kmart’s IT team was responsible for discovering the breach on October 9, despite the malware being “undetectable by current anti-virus systems.” Although Kmart confirms that the malware has been removed from its system, the investigation concluded that debit and credit card numbers were stolen during the month-long infection. No additional information, such as social security numbers, personal information, email addresses and PINs, id believed to have been compromised.

In addition to improving its current security systems in order to prevent breaches like this in the future, Kmart is also working with law enforcement, banks and security firms to figure out all of the specifics of the data breach. Unfortunately, the company is already dealing with sales declines and losses due to its inability to stay relevant to today’s shoppers.

Alasdair James, Kmart President and Chief Member Officer, released a statement in regard to the company’s data compromise, saying, “The privacy and security of our customers’ information is of utmost importance to us, and we are committed to doing everything we can to safeguard our customers’ information in the face of a recent surge of data attacks. To further protect our members and customers who shopped with a credit or debit card in our Kmart stores during the month of September through yesterday (Oct. 9, 2014), Kmart will be offering free credit monitoring protection.”