Kmart hit by data breach

Hoffman Estates, Ill. --Kmart is the latest retailer to be hit by a payment data breach. The breach was discovered last Thursday by the chain’s information technology team, and the company immediately launched an investigation with a leading security firm, according to Kmart’s parent company, Sears Holdings Corp.



“Our investigation to date indicates the breach started in early September,” Sears stated in a release. “According to the security experts we have been working with, our Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems. We were able to quickly remove the malware. However, we believe certain debit and credit card numbers have been compromised."



The company does not yet know the number of credit and debit card numbers that were stolen. However, it does not believe that debit card PINs, Social Security numbers or email addresses were compromised. There is also no evidence that kmart.com customers were impacted.



Sears said Kmart is working closely with federal law enforcement authorities, banking partners and IT security firms in the ongoing investigation. It also is deploying advanced software to protect customers' information.



“To further protect our members and customers who shopped with a credit or debit card in our Kmart stores during the month of September through yesterday (Oct. 9, 2014), Kmart will be offering free credit monitoring protection,” Sears stated.



Last Thursday, Dairy Queen said its in-store payments systems had been compromised with malware. And last month, Home Depot said 56 million cards had been compromised in a data breach that lasted five months.



Sears, Dairy Queen and Home Depot join such other national chains as Target, Neiman Marcus, Michaels, Albertsons, SuperValu, and P.F. Chang’s that have been plagued with security breaches over the past year.