Sears Holdings Corp., which owns Kmart, announced on Friday that customer credit and debit cards used at some Kmart retailers may have been vulnerable to a malicious software attack.
The company said in a statement that the breach appeared to have started in early September, and it was discovered by Kmart's IT team on Thursday. Kmart was quick to note that no personal information, such as debit PIN card numbers, email addresses, or social security numbers appeared to have been compromised. The company added that Kmart.com shoppers did not appear to have been impacted by the breach at all.
A spokesman for Sears declined to comment on the exact number of credit and debit cards affected, but he told The Wall Street Journal that the company is working with both the U.S. Secret Service and independent security firms to investigate the attack further. The company is also offering shoppers who have used their debit or credit cards at a Kmart over the past month free credit monitoring.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Continue reading for free
We hope you're enjoying The Week's refreshingly open-minded journalism.
Subscribed to The Week? Register your account with the same email as your subscription.