Article Lead Image

Kmart stores hit by malware, leaving credit card data exposed

Nothing is secure anymore.


Micah Singleton


Posted on Oct 11, 2014   Updated on May 30, 2021, 10:28 am CDT

Kmart has been breached by hackers, the company announced yesterday in a statement. The company said malware began infecting its systems in early September, with debit and credit card numbers being exposed as a result. 

In a letter to customers, Kmart president and chief member officer Alasdair James noted that “no personal information, no debit card PIN numbers, no email addresses, and no social security numbers were obtained by those criminally responsible,” according to the forensic research Kmart had conducted up to that date.

James also said there is no evidence that users were affected by the breach. Kmart says the malware has been removed and the breach—which was detected by the company on Thursday—has been contained.

The Kmart breach follows a breach in Dairy Queen’s system that was announced on Thursday. Hackers gained access to the names, credit card numbers, and expiration dates of customers in 395 Dairy Queen stores, nearly ten percent of the company’s franchises. Dairy Queen has published a list of affected franchises.

Target, Home Depot, P.F. Chang’s, JP Morgan Chase, and AT&T have all been breached in recent months to varying degrees. Breaches have become all too common recently, showing that retailers are unprepared to deal with hackers.

Kmart says it will offer free credit monitoring protection, and that it is “working closely with federal law enforcement authorities, our banking partners as well as security experts in this ongoing investigation.”

H/T Reuters | Photo via Mike Kalasnik/Flickr (CC BY-SA 2.0)

Share this article
*First Published: Oct 11, 2014, 6:16 pm CDT