Macy’s Credit Card Data Breach Includes Card Numbers

Another retailer has been hit with a data breach. This time, Macy’s has revealed that hackers obtained names and passwords of online customers — and might have accessed credit card numbers and expiration dates.

The data breach impacted one-half of one-percent of customers who were registered on Macys.com or Bloomingdales.com, spokeswoman Blair Rosenberg said Tuesday (July 10), according to Bloomberg.

“We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures,” Macy’s said in an emailed statement.

While personal data including birthdates may have been accessed, the retailer said that social security numbers were not. The data breach occurred between April 26 and June 10, with the company detecting suspicious activity on June 11 and blocking the profiles in question on June 12.

Customers that may have been impacted have been contacted, and Macy’s said it is offering consumer protection services to them at no cost.

Macy’s is just the latest retailer to be hit with a data breach. Last month,  Adidas revealed that it had come under attack from cybercriminals looking to steal personal information, potentially affecting millions of customers.

And earlier this year, Under Armour revealed that it suffered one of the biggest hacks in history after data from 150 million users of its MyFitnessPal diet and fitness app was compromised in February.

The stolen data included account usernames, email addresses and scrambled passwords for the MyFitnessPal mobile app and website.

“On March 25, the MyFitnessPal team became aware that an unauthorized party acquired data associated with MyFitnessPal user accounts in late February 2018,” the company wrote in a statement. “The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident.”

In April, retailer Hudson’s Bay disclosed that customers at Saks and Lord & Taylor stores in North America have had their payment cards compromised. The breach, which is believed to involve 5 million cards, would be one of the largest involving payment cards over the past year.