Department store operator, Sears, and airline operator, Delta Air Lines, announced yesterday that payment card information belonging to some of their customers could have been exposed as part of a data breach at [24]7.ai.
[24]7.ai, which provides online support services to Sears and Delta Air Lines, among many others, informed Sears mid-March of the incident, claiming the hack resulted in the unauthorized access to credit card information for less than 100,000 customers. Sears noted its stores and internal systems were left out of the breach as well as any customers using Sears-branded credit cards were not impacted.
The firm claims the incident happened on or around September 26, 207 and was identified and resolved on October 12, 2017.
Delta Air Lines claims that a small number of its customers had their data exposed to compromise. The airline operator adamantly denies that any passport, government, identifications, security, and SkyMiles information was impacted.
Delta plans to debut its website designated for concerned customers later today, and Sears will have its customer support hotline off and running by Friday morning.
Sears and Delta are the latest organizations to disclose compromises in the recent weeks. Just a few weeks ago Orbitz disclosed that hackers stole personal information from around 880,000 payment cards after an intrusion on one of its third-party providers was discovered.
Breach and intrusion detection requires forensic level detection for files, service and process lists and other indicates such as network ports. NNT suggests implementing a sophisticated File Integrity Monitoring solution so any attempted unauthorized access is logged and alerted.
Read the article on Reuters