Third-party breach leads to Delta and Sears customer payment card data exposure

A data breach of third-party [24]7.ai has exposed customer payment card data of Delta and Sears. 

“[24]7.ai discovered and contained an incident potentially affecting the online customer payment information of a small number of our client companies, and affected clients have been notified. The incident began on Sept. 26, and was discovered and contained on Oct. 12, 2017,” the company stated in a press release

The company [24]7.ai provides online chat and analytics services for Delta and many other companies.  

Sears said they were contacted in mid-March about the incident, which involved unauthorized access to nearly 100,000 of their customers’ credit card information. Sears immediately contacted credit card companies to prevent potential fraud and launched investigations with law enforcement, banking and IT partners.

Likewise, Delta also issued a statement after the company was notified of the incident on March 28th.

“Even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” the company added. 

The source of the third party breach was not disclosed as of this writing. See also a CNBC video released for summary of the incident. 

Leave a Reply