Retailer Sears Holdings Corp (SHLD) said Friday the payment data system at its Kmart retail chain had been breached as a result of malware, and that certain debit and credit card numbers could have been compromised.
“According to the security experts we have been working with, our Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems,” the company said in a statement.
“We were able to quickly remove the malware. However, we believe certain debit and credit card numbers have been compromised.”
Kmart was unable to provide the number of customers affected. The company said however, forensic investigation indicates that no personal information, debit card PIN numbers, email addresses and social security numbers were obtained by the hackers. The company also said that its information technology team discovered the breach on Thursday and that it is “deploying further advanced software to protect customers’ information.” The breach, according to Kmart, started in early September.
The data theft at Kmart is the latest in a wave of data breaches that have hit several companies. Home Depot (HD) said last month its payment systems had been breached, putting at least 56 million cards at risk. Other large cybersecurity attacks in recent months include , J.P. Morgan (JPM), Target Corporation (TGT) and Apple (AAPL).
Shares of Sears plunged 6% in after-hours trading on Friday.