Best Buy is the latest company to say that some customers’ payment information may have been exposed in a data breach of a third-party vendor that runs the retailer’s online chat services.
In recent days, Delta and Sears Holdings have also revealed that customer data may have been compromised in a cyberattack on the contractor, 7.ai.
Best Buy spokesman Jeff Shelman said the number of customers potentially affected is similar to that of Delta and Sears, which have said hundreds of thousands of customers could have been affected.
“As best we can tell, only a small fraction of our overall online customer population could have been caught up in this 7.ai incident, whether or not they used the chat function,” the company said. “We are fully aware that our customers expect their information to be safeguarded and apologize to the extent that did not happen in this case.”
Best Buy said it was recently notified by 7.ai that some of its customer payment information may have been compromised from Sept. 27 to Oct. 12. The Richfield-based retailer said it has been working to determine the extent to which information was affected.
The company has set up a website to answer questions and concerns about the incident.
It said it will contact affected customers directly and said they will not be liable for fraudulent charges that might have resulted. It will also offer free credit monitoring to consumers if needed.
“Out of an abundance of caution, we have disabled chat from the sensitive parts of our site,” Shelman said.
In its own statement, 7.ai said Wednesday that a “small number” of its clients were affected by the security incident and it has notified them.
“We have notified law enforcement and are cooperating fully to ensure the protection of our clients and their customers’ online safety,” the company said.
“We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed.”
In recent weeks, there have been a rash of cyberattacks. Some other companies that have been affected include Hudson’s Bay (the owner of Saks Fifth Avenue) and Under Armour.