Kmart reveals breach of payment data systems

HOFFMAN ESTATES, Ill. — Kmart’s payment data systems were breached beginning in early September, possibly compromising certain debit and credit card numbers, the retailer has announced.



According to Kmart, on Oct. 9 its information technology team detected its payment data systems had been breached. The company immediately launched a full investigation and is working with an IT security firm. The investigation to date indicates the breach started in early September.



According to the security experts, store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems. The retailer was able to remove the malware. However, it believes certain debit and credit card numbers have been compromised.



Based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained in the breach. There is also no evidence that kmart.com customers were impacted.



For those customers who shopped with a credit or debit card in Kmart stores during the month of September through Oct. 9, Kmart will be offering free credit monitoring protection.



Given the criminal nature of this attack, Kmart stated that it is working closely with federal law enforcement authorities, banking partners and IT security firms in the ongoing investigation. It is deploying further advanced software to protect customers' information.