The U.S. retail chain's payment systems were infected with a form of malware that went undetected by its anti-virus systems, Sears said. There is no evidence that Kmart shoppers' personal information, PIN numbers, email addresses or Social SecuritySecurity numbers were stolen, and the malware has since been removed, Sears said. Alles zu Security auf CIO.de
A forensic investigation indicates that the breach began in early September, Sears said. Kmart's IT team discovered the breach only this Thursday.
Sears did not have enough information to say roughly how many credit and debit card numbers were compromised, a spokesman said in an interview.
"We sincerely apologize for any inconvenience this may cause our members and customers," Sears said in a press release. The company is recommending that customers who have shopped with a credit or debit card at any Kmart store between September and Thursday of this week check their account statements.
More information about the breach will be posted at kmart.com. Customers can also call Kmart's customer care center line at 888-488-5978. Kmart will be offering free credit monitoring protection.