A security breach at service provider 7.ai impacted thousands of Delta Air and Sears customers, according to the companies. The intrusion took place around September 26, 2017, and continued until discovered and eliminated on October 12. The company provides support services for many companies, including Sears and Delta, which is how both of the latter companies were affected by the incident.
The two companies were alerted about the intrusion in mid-March. The extent of the exposure isn’t clear at this time. According to Reuters, Sears confirms that under 100,00 of its customers’ credit card info may have been exposed in the breach, but exact figures weren’t provided.
Delta Air hasn’t given any information about how many of its own customers may have been impacted, though that info will likely be released at a later date. Customers who had credit cards featuring the Sears branding weren’t affected by the breach.
Whether the exposed customers’ information was actually accessed, taken, and/or made available elsewhere isn’t known. The credit card data was left vulnerable during online support chats, but further details about how the intrusion took place aren’t given. Law enforcement was notified, according to the companies.
Though details are vague at this time, we do know that the data breach didn’t leave other sensitive information, such as government IDs and passport numbers, vulnerable. Customers should monitor their credit card statements for any signs of unusual activity and make a report if any is found.