Impact of Chat Service Breach Expands to Best Buy, Kmart


#1

Impact of Chat Service Breach Expands to Best Buy, Kmart (Apr 9, 2018)

The software service provider [24]7.ai, which provides online chat services, announced last week that its platform had been compromised in 2017. Specifically, the company said that the attacks took place between September 26, 2017 through October 12, 2017. The threat actors were able to use the access to [24]7.ai’s platform to steal payment card information from [24]7.ai client websites. At the time of this writing, Best Buy, Delta Airlines, Kmart, and Sears have announced that they have been impacted by the breach. Affected companies are working with federal law enforcement to discern how much of their client’s payment data was affected.

Recommendation: Credit card numbers should be protected with the utmost care, and only used with vendors that you trust to keep your information in compliance with the relevant standards. Regular monitoring of financial accounts in addition to identity protection and fraud prevention services can assist in identifying potential theft of data.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.