Macy’s says hackers accessed online customers’ credit card data

The data breach occurred between April 26 and June 10.

Macy’s Inc. said hackers obtained names and passwords of online customers and potentially were able to access data including their credit card numbers and expiration dates.

The data breach impacted one-half of one-percent of customers who were registered on Macys.com or Bloomingdales.com, spokeswoman Blair Rosenberg said Tuesday. Customer login and password data were taken from websites not related to Macy’s or Bloomingdale’s and were then used to access profiles on those sites, the company said.

“We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures,” Macy’s said in an emailed statement.

The disclosure marks the latest in a series of data breaches at major companies across a broad swath of industries, including retailers Hudson’s Bay Co. and Under Armour Inc., aerospace giant Boeing Co., airlines like Delta Air Lines Inc. and natural gas pipelines and electric utilities. Adidas AG said last month that millions of customers on its U.S. website could have been affected by a breach.

 

continue reading »