Kmart has suffered another credit card breach Attack.Databreach , its second in three years . This time though , its chip-and-PIN card readers significantly contained the fallout . Kmart is not saying how many of its 750 stores in the US were affected by the point-of-sale ( PoS ) malware , but it stressed that no personal data , including names , addresses , Social Security Numbers or email addresses , was stolen Attack.Databreach . It also talked up its EMV reader implementation . Kmart has EMV-enabled terminals in its stores , forcing customers with chip cards to insert their cards instead of swiping their stripes , which minimized the impact of the infection . Still , as independent researcher Brian Krebs reported , those consumers without chip cards could feel significant effects : “ The malware copies Attack.Databreach account data stored on the card ’ s magnetic stripe , ” he explained . “ Armed with that information , thieves can effectively clone the cards and use them to buy high-priced merchandise from electronics stores and big box retailers. ” Several financial institutions flagged the breach to Krebs , indicating that fraud is indeed occurring as a result of the attack , though again , no details are available as to how widespread the impact is . The incident has no relation to previous breaches , the bargain retailer said in an FAQ , noting that it ’ s confident that it was successful in eradicating any residual traces of malware or persistence left behind by earlier attacks . Instead , its payment systems were infected with malware that Kmart says was “ undetectable ” by its antivirus protections . “ Does this mean that we may be dealing with an entirely new family of malware or methods of infecting POS terminals , or that the solution they were using was unable to detect the threat ? ” said Richard Henderson , Global Security Strategist , Absolute , via email . “ If the former , then it will be absolutely critical for Kmart to get information about this attack to other retailers , antivirus companies and network security appliance vendors so that everyone can both look for indicators of compromise inside their own networks and bolster defenses against this new threat. ” If a hole was simply found in KMart 's defenses , it brings up the need for a defense-in-depth approach , he added . The incident was a passing test for the PCI DSS standard of payment security as well , some said . `` This is another example what cybersecurity experts are saying day by day : no IT systems can stay safe if they hold something valuable , ” said Csaba Krasznay , product evangelist at Balabit , in a note . “ More than 10 years ago , T.J.Maxx suffered a very similar data breach Attack.Databreach when approximately 100 million cards data was stolen Attack.Databreach . That incident helped the drive for credit-card companies to introduce PCI DSS as a mandatory security standard for everyone who manages card data . If Kmart was really able to avoid large scale data leakage , then we can be sure that PCI DSS is mature and useful enough in these circumstances , at this point . ''

Cyber attacks are becoming commonplace in 2017 and the most recent one might be a credit card breach Attack.Databreach which hit the popular retail chain Kmart , reported first on May 16 , but only confirmed by parent company Sears Holding on Wednesday . `` Our Kmart store payment data systems were infected with a form of malicious code that was undetectable by current anti-virus systems and application controls . Once aware of the new malicious code , we quickly removed it and contained the event . We are confident that our customers can safely use their credit and debit cards in our retail stores , '' Howard Riefs , a spokesman for Sears Holding , said in a statement to Patch . The company further explained the risk to its customers . “ Based on the forensic investigation , NO PERSONAL identifying information ( including names , addresses , social security numbers , and email addresses ) was obtained Attack.Databreach by those criminally responsible . However , we believe certain credit card numbers have been compromised Attack.Databreach . Nevertheless , in light of our EMV compliant point of sale systems , which rolled out last year , we believe the exposure Attack.Databreach to cardholder data that can be used to create counterfeit cards is limited , '' it said . The breach was first reported by security website Krebs on Security on May 16 . Many small banks and credit unions received complaints about batches of stolen cards , all of which had been used at Kmart locations . The company didn ’ t reveal which of its 735 locations were hit , but did say how the breach occurred . The company ’ s systems were hit with a malware designed to steal Attack.Databreach credit card data from point-of-sale devices installed at kiosks . The malware copies Attack.Databreach credit card information from the card ’ s magnetic strip , when the cards are swiped at payment kiosks . Using this information , the cards can be cloned and purchases made using these clones would be debited from the credit card user ’ s account . This not the first time Kmart suffered such a breach . The retail chain had a similar breach Attack.Databreach in 2014 and had also claimed at the time the stolen data did not include customer names , emails addresses and personal information . `` We are actively enhancing our defenses in light of this new form of malware . Data security is of critical importance to our company , and we continuously review and improve the safeguards that protect our data in response to changing technology and new threats , '' it said . It was however confirmed the breach Attack.Databreach did not target all Kmart locations , in which case credit card companies would have themselves issued warnings to customers against using their cards at retail stores . Sears Holdings has set up a helpline for customers who might be affected by the breach . If you think you are one of them , you can call 888-488-5978 to get your queries answered .