The customers of at least two major US companies —department store chain Sears and Delta Airlines— might have had their payment card details stolen due to a hack at a common software supplier.
The hacked company is [24]7.ai, a San Jose-based company that provides various customers support services, including live chat systems and AI-assisted chatbots.
The company
revealed on Wednesday that an unauthorized party gained access to its network, from where it collected customer payment information for a small number of client companies.
Affected companies go beyond Sears and Delta
[24]7.ai did not reveal any customer names, but on the same day, both Sears and Delta Airlines published press releases revealing they were two of the victims.
Delta says the attacker managed to get its hands on information such as the card holder's name, address, card number, CVV number, and expiration date.
Delta didn't reveal how many passengers were affected but said the attacker didn't gain access to passport or government ID details, nor to data hosted in the SkyMiles program.
On the other hand, Sears put a number on the breach,
revealing the attacker had access to less than 100,000 payment card numbers.
