Sears, Delta Air Lines Hit in New Data Breach

April 9, 2018         By: Steven Anderson

If anyone else is getting unnerved by the seemingly increasing pace of data breaches lately, don’t worry, because you’re not alone. After just seeing Saks and Lord & Taylor get hit, news of another data breach arose from no less than Sears and Delta Air Lines, who disclosed recently that payment information from customers may well have been exposed.

The breach in question didn’t actually hit Sears or Delta, but rather their online support services vendor [24]7.ai. That company filled in Sears back in mid-March that a hack hit and revealed payment information for fewer than 100,000 customers. The hack itself, meanwhile, had apparently happened back in late September of 2017. It was subsequently identified and ultimately resolved, meanwhile, about two weeks later in October of 2017.

Delta, meanwhile, had been hit as well, but several aspects of its data collection were unaffected. That includes the really important stuff like passports and various government-related identifiers. Sears further noted that its stores and its internal systems hadn’t been affected by the hack, and any notion that the Sears credit card system had been affected was unsupported by any available data.

What’s disturbing here is that apparently Sears and Delta both knew about these breaches back in late-mid 2017, but didn’t mention them until just recently. That may not be so bad given the scope of the breaches in question—which seems pretty limited—but I know that if my information had been involved in a data breach somewhere along the line, I would have wanted to know about it, and not better than half a year after the fact.

Of course, given that nothing appears to have happened in that interim suggests that perhaps less was taken than expected, or that nothing of any particular value was lost. Plus, with all of Sears’ various troubles right now, the last thing it needs is a data breach besides. Still, talking about it this far after the fact will likely do it no favors either, and as for Delta, most of air travel right now isn’t looking great since the various issues United went through.

There’s never a good time for a data breach. For the sake of the customers involved, though, it’s better to warn them sooner rather than later.