Kmart was the recent victim of a cyber-attack. The vulnerability was a result of a crack in their credit card processing system. According to Sears, Kmart was infected with some type of malicious code.
The virus managed to escape Kmart’s implemented security measures. This resulted in the (possible) compromise of credit card details – especially those without EMV chips and pins.
Sears released a public statement confirming the cyber-attack,
“Once aware of the new malicious code, we quickly removed it and contained the event. We are confident that our customers can safely use their credit and debit cards in our retail stores.”
Although Sears Holdings is adamant on the unlikeliness of mass credit card exposure, several customers have already come forward to report suspicious behavior on their statements. Kmart is reevaluating their security implementations.
With the assistance of federal law enforcement specialists, banking partners and IT security firms, they are hoping to discover the flaw and fix it. Stephen Cobb, a researcher at a cybersecurity firm called ESET, comments on the situation:
“[This situation] is a reminder that criminals still find it profitable to hack credit card data, in this case from a large retailer that went through the same thing less than three years ago. Sadly, the American consumer is all too accustomed to hearing that their credit card ‘may have been compromised’ by a data breach at a big name store, restaurant or hotel.”
Consumers might be used to the reoccurrence of vulnerabilities in technology, but it won’t be long before compromised credit cards are the least of problems. Companies – big name or not – need to reexamine their security measures and take extra precaution. Kmart is now joining Chipotle on the list of major chains that have recently been hacked.