LOS ANGELES (CBSLA/AP) — Delta Air Lines and Sears said Wednesday that some of its customers’ payment information may have been breached in a cyber attack last fall.
The airline said the incident involved 7.ai, a chat-services provider used by Delta and other companies. Both Delta and Sears do business with the software provider.
Delta says only “a small subset” of customers were affected, with payment information exposed from Sept. 26 to Oct. 12. It says no other personal details about customers, such as their passport, security or frequent-flyer account information, was affected.
Sears said in a statement that the company believes the data breach “involved unauthorized access to less than 100,000 of our customers’ credit card information.”
Both the Atlanta-based airline and Sears say 7.ai informed companies affected by the breach of the cyber attack last week. Delta brought in federal law enforcement and forensic teams and confirmed that the unauthorized access was cut off by October.
Delta says it will make sure customers aren’t held responsible if their payment cards were used fraudulently. It will create a website Thursday to update customers.
San Jose-based 7.ai said a “small number” of its client companies had their online customer payment information potentially exposed. It said it is confident that its platform is now secure and is working with its clients to determine if any of their customer information was accessed.
The company says it works with industries ranging from financial services to healthcare and e-commerce.
(TM and © Copyright 2018 CBS Local Media, a division of CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2018 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.)