HOFFMAN ESTATES, Ill. --Kmart has announced that on October 9, the retailer's IT team detected that its payment data systems had been breached. The company has launched a full investigation working with a leading IT security firm, it said.
It joins retailers and restaurant chains including Dairy Queen, Jimmy John's, Home Depot, SuperValu, Albertson's, Jewel, Target and Michaels, to name just a recent few. In the convenience store and gas station channel, 7-Eleven and Mapco have experienced recent payment systems breaches.
"The security experts report that beginning in early September, the payment data systems at Kmart stores were purposely infected with a new form of malware," Alasdair James, president and chief member officer of Kmart, said in a notice posted on the company's website. "This resulted in debit and credit card numbers being compromised. Based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by those criminally responsible. There is also no evidence that kmart.com customers were impacted. This data breach has been contained and the malware has been removed."
He added, "To further protect our members and customers who shopped with a credit or debit card in our Kmart stores during the month of September through … Oct. 9, 2014, Kmart will be offering free credit monitoring protection."
Click here to view the full statement.
Given the criminal nature of this attack, Kmart is working closely with federal law enforcement authorities, its banking partners and IT security firms in an ongoing investigation, the company said.
Mass merchandiser Kmart, with approximately 1,200 stores nationwide, is a wholly owned subsidiary of Sears Holdings Corp., Hoffman Estates, Ill.
Members help make our journalism possible. Become a CSP member today and unlock exclusive benefits, including unlimited access to all of our content. Sign up here.