Kmart Announces Credit And Debit Card Breach That Began In September

Image courtesy of (pixeljones)

Remember how this morning, we explained why it is inevitable that if you shop anywhere, your payment data or personal information will be part of a hack? On Friday evening, Kmart dropped the news that they have also been hacked, with malware installed in their in-store payment system. They have not yet announced how many customers have been affected.

Similar to the Dairy Queen/Orange Julius breach that was confirmed today, as well as the Jewel/Osco hack before that, and the Jimmy John’s, Home Depot, and Target payment data breaches before that, in-store payment systems were infected with malware, and an unknown number of credit and debit card numbers were stolen. Kmart’s parent company, Sears Holdings, says that so far, their investigation doesn’t show that any names, addresses, phone numbers, e-mail addresses, PINs, or Social Security numbers were part of the breach. The company also says that the Kmart website was not affected.

The breach began in September, and according to Kmart’s statement to customers, the breach was discovered only yesterday. If you shopped at at Kmart store between the beginning of September and yesterday, watch your credit or debit card statements carefully and get ready for a fresh new credit card.

Sears’s Kmart Says Hackers Stole Payment-Card Data in Attack [Bloomberg News]
Kmart Investigating Payment System Breach [Kmart]

FURTHER READING:
Do You Ever Shop Anywhere? Congratulations: Your Data Will Be Hacked

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.