Delta Air Lines and Sears aren’t too happy with their customer service provider right now—due to [24]7.ai' s security breach last fall, hundreds of thousands of users’ data may have been compromised, and the vendor hasn’t confirmed or denied whether other companies have been affected as well. The provider also waited almost six months before notifying Sears and Delta about the breach, at the end of March, which has raised questions from the media.
"We are confident that the platform is [now] secure, and we are working diligently with our clients to determine if any of their customer information was accessed," [24]7.ai said in a statement.
Both Delta and Sears have said customers that made transactions between September 26 and October 12, 2017 are at risk. Sears, which uses [24]7.ai's technology to provide online support for Sears and Kmart shoppers, said roughly 100,000 shoppers may have had their credit card information stolen, but that Sears store card users were not at risk.
“Data security is of critical importance to our company, and we take any matter related to customer’s personal information very seriously. Our top priority at this point is to quickly identify the impacted customers, notify and assist them in every way possible,” Sears said in a statement.
Meanwhile, Delta, which uses [24]7.ai primarily for chat support, hasn’t actually confirmed that any customer data was obtained during [24]7.ai's breach. “At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” the company said in a statement. Delta assured its customers that passport data or ID data remains secure.
This data breach comes on the heels of a series of security mishaps over the past few weeks. Under Armour, Saks Fifth Avenue, Boeing, and Lord & Taylor have all fallen victim to recent hacking incidents.