Macy's data breach exposes customers' credit card info

Why it can take hundreds of dollars to protect yourself online

Macy's says cyberthieves hacked the accounts of thousands of the retailer's online customers, compromising people's full names as well as their credit card numbers and expiration dates.

The attack, which occurred over roughly six weeks between the end of April and the beginning of June before being shut down, affected consumers registered on Macys.com or Bloomingdales.com. Logins and passwords were taken from sites unrelated to the retailers and then used to access data on both sites. 

"We are aware of a data security incident involving a small number of our customers," a Macy's spokesperson said in a statement to CBS MoneyWatch. "We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures."

Customers potentially impacted by the breach have been notified and offered free consumer protection services, the retailer said.

Saks, Lord & Taylor customers exposed in data breach

The incident follows a slew of major companies being targeted by hackers, including Hudson Bay, Under Armour, Boeing and Delta Air Lines. And less than two weeks ago, Adidas said data on millions of consumers might be in the hands of hackers after a breach involving its U.S. website.

Credit-reporting agency Equifax earlier this year added 2.4 million Americans to its initial count of 145.5 million impacted by a massive data breach last summer.

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.