Kmart has announced that its payment data systems have been breached.
The retailer says the breach that started in early September, involves store payment data systems that were infected with a form of malware that was undetectable by current anti-virus systems.
The company says that IT experts were able to quickly remove the malware. However, they believe certain debit and credit card numbers have been compromised. A Security and Exchange Commission filing by Kmart parent company Sears Holdings, does not say how many customers could be affected by the breach.
Based on the forensic investigation to date, Kmart says that no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by those criminally responsible. There is also no evidence that customers of the website, kmart.com were impacted.