Kmart Latest Chain Hit by Data Breach

Kmart Latest Chain Hit by Data Breach

October 13, 2014         Written By John H. Oldshue

Credit card hackers have hit another major retailer in the United States. This time, it’s Kmart.

In a filing last Thursday with the Securities and Exchange Commission, the company says a month-long data breach took place in early September. Debit and credit card numbers appear to have been compromised.

Kmart is one of a number of retail stores where card numbers have been compromised, including Target, Neiman Marcus, Home Depot and Michael’s. As with those stores, Kmart’s breach was likely the result of a nearly undetectable Backoff malware program that can be installed into the database of the store’s credit card system. Kmart has removed the malware since it was discovered on October 9.

Kmart, which is owned by Sears Holding Corporation, has not disclosed the scale of the breach at this time. They do not believe hackers were able to obtain social security numbers, email addresses, PIN numbers or personal information from the system.

Online customers who have used were not affected by the breach.

“Given the criminal nature of this attack, Kmart is working closely with federal law enforcement authorities, our banking partners and IT security firms in this ongoing investigation,” the company said in a statement. “We are deploying further advanced software to protect our customers’ information.”

Kmart is offering free credit monitoring for anyone who has shopped in their stores at any time between September 1 and October 9.

The information contained within this article was accurate as of October 13, 2014. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue