Retailer Data Breaches in 2018: Was Your Favorite Store Hacked?
Find out which retail chains have been hit and where you can go for help to protect yourself from identity theft, scams and financial fraud.
Corporate data breaches are becoming all too common. Last year, several high-profile companies including Chipotle, Equifax and Uber fell victim to computer incursions. In 2018, popular retailers are being targeted by hackers -- stores where you've shopped, paid with credit cards and handed over personal information to register for loyalty programs.
The list of big-name retailers that have reported data breaches in 2018 continues to grow. That means millions of shoppers' names, addresses, emails, credit cards, passwords, or other personal and financial information potentially have already been compromised. Here's a closer look at several recent retailer data breaches including details on where you can go for help to protect your identity and credit.
Retailer Data Breaches in 2018
|Company||Month Reported||Data Breach Details||For More Info.|
|Orbitz||March||A reported 880,000 users' personal information -- including full names, credit card numbers, phone numbers, and e-mail and street addresses -- was compromised.||The company is offering affected customers free credit monitoring and identity protection. Call 1-855-828-3959 or go to orbitz.allclearid.com.|
|Under Armour||March||An unauthorized third party gained access to personal information from 150 million users' of the company's MyFitnessPal app. Compromised data included e-mail addresses and hashed passwords, but not Social Security or driver’s license numbers.||Go to MyFitnessPal Account Security Issue: FAQs|
|Best Buy||April||The electronics retailer stated that 7.ai, a third party chat service provider it uses to communicate with online customers, suffered an intrusion that compromised customer payment information.||Best Buy will contact affected customers directly. Email questions to firstname.lastname@example.org.|
|Delta Air||April||The airline was also affected by the 7.ai breach. Certain online customer payment information may have been compromised. However, the company says hackers didn't gain access to passport, government ID or SkyMiles information.||Delta is providing free credit monitoring services to affected customers. Go to delta.allclearid.com to enroll.|
|Kmart||April||Kmart.com fell victim to the 7.ai data breach, as well. The store's parent company Sears Holding is advising affected customers to monitor their credit card statements and request a free copy of their credit report. They aren't currently providing free credit monitoring services.||Go to searsholdings.com/update|
|Lord & Taylor||April||Malware running on certain point-of-sale systems at possibly all Lord & Taylor locations in North America exposed customer payment information including credit and debit card numbers. A reported 5 million customers from sister companies Lord & Taylor, Saks Fifth Avenue and Saks Off 5th were affected.||Lord & Taylor is offering free credit monitoring to affected customers. Call 1-855-270-9187 Monday through Saturday, 8 a.m. to 8 p.m. CT.|
|Marriot International||November||The hospitality company discovered in September that an unauthorized third-party had been accessing its Starwood network since 2014. The hacker had access to the Starwood guest reservation database, which contains names, mailing addresses, as well as phone and passport numbers. A reported 500 million guests who've stayed at a Starwood property may have been affected.||Marriott has set-up a dedicated call center where concerned customers can get further information at 877-273-9481.|
|Panera Bread||April||Panerabread.com exposed customer records including full names, e-mail and street addresses, birthdays, the last four digits of customer credit card numbers, as well as loyalty card numbers, according to Krebsonsecurity.com.||The company says it has resolved the security issue.|
|Saks Fifth Avenue and Saks Off 5th||April||Malware running on certain point-of-sale systems at possibly all Saks Fifth Avenue and Saks Off 5th locations in North America exposed customer payment information including credit and debit card numbers. A reported 5 million customers from sister companies Saks Fifth Avenue, Saks Off 5th and Lord & Taylor were affected.||Saks Fifth Avenue and Saks Off 5th are offering free credit monitoring to affected customers. Call 1-855-270-9187 Monday through Saturday, 8 a.m. to 8 p.m. CT.|
|Sears||April||Sears.com was also hit by the 7.ai data breach. The store's parent company Sears Holding is advising affected customers to monitor their credit card statements and request a free copy of their credit report. They aren't currently providing free credit monitoring services.||Go to searsholdings.com/update.|
If you suspect your personal information has been compromised through one of these retailer data breaches, don't rely solely on the store to do the right thing to help ensure you are protected, suggests Liz Weston, a certified financial planner and columnist for NerdWallet.com. She advises consumers to be proactive by doing the following:
1. If a breach involves your Social Security number, immediately freeze your credit reports at all three credit bureaus (Equifax, Experian and TransUnion).
2. If your credit or debit card numbers were exposed, monitor those cards. Be wary of any e-mails or texts you receive asking for personal information or warning you of "problems with your account." Also, don't click on links that are sent to you from a source you don't know. Instead, type in the URL by hand into a browser to help avoid phishing attempts.
3. If passwords are exposed, change them on the affected websites and on any other sites where you may have used the same password (something you shouldn't be doing anyway). Even if passwords weren't compromised, it's a good practice to change them regularly.