US discount chain Kmart has become the latest big ticket retailer to fall victim to a POS malware breach at its bricks and mortar stores.
The Sears subsidiary says the breach was uncovered late last week: "The security experts report that beginning in early September, the payment data systems at Kmart stores were purposely infected with a new form of malware. This resulted in debit and credit card numbers being compromised."
The company says that no personal information, no debit card PIN numbers, no email addresses and no social security numbers were compromised. "There is also no evidence that kmart.com customers were impacted," says the company in a statement on its Website. "This data breach has been contained and the malware has been removed."
The firm joins a growing list of US retailers who have found their retail eftpos systems to be crawling with malware. Just last week, US fast-food chain Dairy Queen confirmed it too had been attacked in August, with malware harvesting customer names, payment card numbers and expiration dates from 395 stores. This follows mega breaches at Home Depot and Target, which impacted 56 million credit cards and 40 million card numbers respectively.