CNET también está disponible en español.

Ir a español

Don't show this again

Security

Best Buy hit by [24]7.ai data breach, too

It's not just Delta, Sears and Kmart ...

SamsungBestBuyNYC2013_01.jpg

Sarah Tew/CNET

Earlier today, we learned that hundreds of thousands of Delta Airlines, Sears and Kmart online shoppers may have had their names, addresses, and credit card information stolen by hackers. Now, you can add Best Buy to that list. 

The big-box electronics retailer says it was also affected by the same breach, due to Best Buy's use of online customer service software from [24]7.Ai during a 15-day period when that third party firm's online chat tool was infected with malware. 

(You don't need to have used the online chat software to be affected. Delta, for one,  believes that if you entered billing information into these companies' desktop websites between Sept. 26 and Oct. 12, 2017, there's a chance your information was compromised.)

Best Buy hasn't said how many of its customers were affected, but indicated the the number is small. "As best we can tell, only a small fraction of our overall online customer population could have been caught up in this [24]7.ai incident, whether or not they used the chat function," the company said in a statement.

It's important to note that none of these companies has yet confirmed whether any personal information was actually stolen. They've merely said there was an opportunity for it to have been taken.

Regardless, Best Buy says it will offer free credit monitoring services to those who want them, and is assuring its customers they won't be liable for any illegal transactions. 

We're still wondering if more companies were affected. A January profile of [24]7.ai listed American Express, AT&T, Citi, eBay, Farmers Insurance and Hilton as clients of the chat company, as well. 

American Express and Farmers Insurance confirmed they weren't affected by the breach.

Updated 4/6 at 7:07 a.m. PT: Adds information from Farmers Insurance.