Macys Website Hacked To Gain Customer Credit Card Information

  • 81
  • 1

After Adidas, Macy’s becomes the next retailer suffering a major data breach. The officials confirm a breach of customer’s data after Macys website hacked. The unknown hackers accessed the system to pilfer customers’ data including personal information and credit card details.

Macys Website Hacked Exposing Customers’ Information To Hackers

According to the emails sent by Macy’s to their customers, the company suffered a data breach after Macy’s website was hacked exposing sensitive customers’ data. The unknown hackers accessed the site’s online customer accounts for six weeks to steal their sensitive information including credit card details. Macy’s detected the breach after noticing suspicious login activities on their websites and

As stated in their letter,

“Based on our investigation, we believe that an unauthorized third party, from approximately April 26, 2018 through June 12, 2018, used valid customer usernames and passwords to login to customer online profiles. We believe the third party obtained these customer usernames and passwords from a source other than Macy’s.”

Regarding the source of the breach, Macy’s believes that the hackers have obtained these customers’ account credentials through some other source instead of Macy’s.

After logging in to the accounts, the hackers could access all details available on the customers’ profiles. Hence, the breached data might as well include credit card information along with users’ names, addresses, contact numbers, email addresses and date of birth. Since does not store Social Security numbers or Credit Verification Values (CVV), they remained secure.

Security Measures Have Been Taken By Macy’s

After noticing the suspicious activity, Macy’s ensured they started employing all security steps as required. Not only did they began investigations, but also notified the customers whose details were leaked. Meanwhile, they have also blocked suspicious accounts allowing the customers to reactivate them manually.

“On June 12, we blocked profiles with suspicious logins. A customer’s profile will remain blocked until the customer updates the password associated with the profile.”

They also ask their customers to keep an eye on their financial transactions. Moreover, they also recommend changing passwords and set up unique passwords to secure their accounts.

Let us know your thoughts in the comments section.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!