Hackers Breach Kmart's Store Payment Card Systems

Posted on June 1, 2017
Riviera Beach Pays Nearly $600K to Recover Data after Ransomware Attack
Kmart is informing customers that their credit card details may have been stolen after learning of a security breach involving its payment processing systems. Sears Holdings, Kmart’s parent company, confirmed the incident on Wednesday, but did not disclose any information regarding the number of stores affected or when the incident occurred. The Illinois-based department store chain operates over 700 locations. However, according to sources, the breach does not appear to have impacted all Kmart stores. Security journalist Brian Krebs reported that smaller banks and credit unions first suspected the hack last week, after receiving alerts from credit card companies about "batches of stolen cards" that had all been used at Kmart locations. In response to inquiries about the allegations, Sears Holdings spokesman Howard Riefs said in a statement, saying:
“Our Kmart store payment data systems were infected with a form of malicious code that was undetected by current anti-virus systems and application controls. Once aware of the new malicious code, we quickly removed it and contained the event. We are confident that our customers can safely use their credit and debit cards in our retail stores."
Based on forensic information, the retailer has determined personal identifying information, such as names, addresses, Social Security Numbers or email addresses, was not obtained by cybercriminals. Although certain payment card details were compromised, Kmart believes its stores’ EMV “Chip and Pin” technology helped reduce the exposure to cardholder data, which can be used to create counterfeit cards. “We are actively enhancing our defenses in light of this new form of malware,” said Sears spokesman Chris Brathwaite.
“Data security is of critical importance to our company, and we continuously review and improve the safeguards that protect our data in response to changing technology and new threats,” said Brathwaite.
In October 2014, Kmart reported a similar incident that compromised customer credit and debit cards due to cybercriminals installing malware on payment systems. The retailer said the latest breach does not appear to be linked to a previous security incident. As always, customers are advised to review credit and debit card account statements to determine any discrepancies or unusual activity, and report any instances to their payment card issuer.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!