The US Secret Service confirmed it was investigating the breach, which occurred in September 2014 and compromised the systems of Kmart, which has about 1,200 stores across the US. The breach did not affect the Sears department store chain.
A spokesman from Sears said he could not estimate how many credit and debit card numbers had been taken. He added that the personal information, debit card PIN numbers, e-mail addresses and social security numbers of its customers remained safe.
Sears declared that the attackers used malicious software that was undetectable using anti-virus software. Kmart apologized to its customers on the 10th of October and said it was working with federal authorities, banking partners and security firms in the probe.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now