Macy’s has informed online shoppers of a data breach that lasted nearly two months. The breach affected an unspecified but “small number of our customers,” the retailer revealed in a letter emailed to Macys.com customers last week.
Macy's cyber threat alert tools detected suspicious login activities on June 11.
On June 12, Macy's blocked the profiles that seemed to be breached by the third party.
Macy’s will be providing affected customers one year of free identity protection through AllClear ID. In addition, the company also suggested that customers change their passwords and contact their debit or credit card companies to tell them about the data breach.
Macy’s is the latest in a string of retailers that have been impacted by data breaches in 2018. In March, MyFitnessPal, the fitness tracking app of Under Armour, suffered a breach that affected approximately 150 million accounts, Including user names, email addresses and encrypted passwords.
In April, more than five million credit and debit card records were stolen from Lord & Taylor, Saks Fifth Avenue and Saks Off 5th by a hacking syndicate (though only 125,000 of those were immediately offered for sale on the dark web). Later that month, both Sears and Best Buy confirmed that a number of customers had their payment information compromised during the payment breach of chatbot support services platform 7.ai. The incident exposed information of nearly 100,000 Sears customers.
Most recently, in late June, Adidas reported that a “few million” online consumers may have had their data exposed to an unauthorized party.
- Nordstrom NYC Local Stores Will Accept Macy’s, Kohl’s Returns
- ETail Boston 2019: Barneys NY Exec Reveals Post-Bankruptcy Strategy
- Macy’s, JCPenney Enter Resale Market With ThredUP Partnership
- Macy’s Opens New Data-Powered Distribution Center
- Macy’s, DICK’S Sporting Goods Collaborate To Launch Outdoor STORY Experience In 36 Stores