• At least 15 retailers were hacked and likely had information stolen from them since January 2017.
  • Many of these were caused by flaws in payment systems taken advantage of by hackers.

At least 15 separate security breaches occurred from January 2017 until now. Many of them were caused by flaws in payment systems, either online or in stores.

Data breaches are on the rise in both retailers and other businesses. According to Business Insider Intelligence, data breaches are a real danger for both brands and customers, and can affect customer’s trust in brands.

According to a study by KPMG, 19% consumers would completely stop shopping at a retailer after a breach, and 33% would take a break from shopping there for a extended period.


5b35439dd7eb3f2a008b468f-750-563 Companies with data breaches in 2018

Adidas announced on Thursday that an “unauthorized party” said it had gained access to customer data on Adidas’ US website. Currently, the company believes only customers who shopped on and purchased items from the US version of Adidas.com may have been affected by the breach.

The data that is potentially at risk includes customer contact information, like email addresses and physical addresses, as well as login information, like usernames and passwords. The passwords were stored with an encryption, however, which would need to be unencrypted before they could be used.

Adidas did not say exactly how many customers could have been affected by the breach, but an Adidas spokeswoman confirmed it is likely “a few million.”


5a02184335876e33028b465c-750-563 Companies with data breaches in 2018

Sears alerted customers on April 4 of a “security incident” with an online support partner [24]7.ai that may have resulted in up to 100,000 people having their credit-card information stolen.

The incident affected shoppers who bought items online from September 27, 2017 to October 12, 2017


5771488352bcd01b008cc003-750-563 Companies with data breaches in 2018


Kmart, which is owned by Sears Holdings, was also affected by the breach, the company reported on April 4.


5ac61b416898751a008b464a-750-562 Companies with data breaches in 2018


Delta used the same online support service as Sears and was also affected by the reported breach.

The airline said customer payment information may have been vulnerable but did not estimate how many of its customers were affected.

Best Buy

5ac7cc1a68987531008b49ea-750-563 Companies with data breaches in 2018


Best Buy was also affected by the breach of [24]7.ai, it told customers on April 5.

The retailer said only “a small fraction of our overall online customer population” was affected in the breach, which might have jeopardized payment information.

Saks Fifth Avenue

5ac3905f4962d796028b4a1c-750-562 Companies with data breaches in 2018

Hudson’s Bay, the parent company of Saks Fifth Ave,confirmed in April that a data breach compromised payment systems and therefore customers’ credit and debit cards.

Estimates of the amount of affected customers have not yet been released, but could number in the millions. Online customers were not affected.

Lord & Taylor

5ac38f697a74af1a008b4619-750-563 Companies with data breaches in 2018

Hudson’s Bay also owns Lord & Taylor, and those stores were also affected by the breach.

Under Armour

5ac390714962d71c008b49f3-750-563 Companies with data breaches in 2018

Under Armour confirmed in March that data from its MyFitnessPal app was accessed by an “unauthorized party.”

Payment information was not released, but the app is used to track weight loss and information pertaining to that likely leaked. More than 150 million people’s information was likely compromised.

Panera Bread

55c2206f2acae72c008bd495-750-563 Companies with data breaches in 2018

Panera Bread confirmed on April 2 that it was notified of a data leak on its website.

At the time, it said personal information, including names, addresses, and partial credit card numbers may have leaked, though the company says the investigation is ongoing.

The flaw in the website was fixed as of Monday, but up to 37 million people’s information could have been leaked according to an estimate. That number was later revised to be an estimated less than 10,000 customers.

Forever 21

5790ea4f88e4a7f4328b98a4-750-562 Companies with data breaches in 2018

Forever 21 alerted its customersin November that some of their information may have been stolen.

A flaw in the store’s cashier terminals may have inadvertently exposed data like credit card numbers, expiration dates, and internal verification codes to hackers. Customers who shopped in stores from March through October 2017 are vulnerable.


5ac38f177a74af27008b45ee-750-562 Companies with data breaches in 2018

Sonic told Business Insider in September that it detected “unusual security regarding credit cards being used at Sonic.”

Credit cards from 5 million customers may have been stolen, as most of the chains more than 3,600 locations use the same payment system.

Whole Foods

5abd187f53dd8e1a008b4aa8-750-562 Companies with data breaches in 2018

Whole Foods announced in August that it “recently received information regarding unauthorized access of payment card information.”

A flaw in the point-of-sale system used by the chain’s taprooms and table-service restaurants was affected, but not the system the grocery store itself uses.


5ac394f660b8d71e218b484c-750-563 Companies with data breaches in 2018

Kmart confirmed in June that credit card information was stolen from shoppers who came into its stores.

The store did not confirm how or when the data was stolen.


5ac393b5ff241a20008b4a0a-750-563 Companies with data breaches in 2018

Gamestop confirmed a data breach in April 2017. Customers who shopped online for a six-month period are vulnerable, from August 10, 2016 to February 9, 2017.

Names, addresses, and credit card information were all taken in a breach of the website’s payments processor.


5ac3932a7a74af28008b45dc-750-562 Companies with data breaches in 2018


Arby’s confirmed in February 2017 a data breach may have affected 355,000 credit and debit cards used at its stores.

Malware in the chain’s cashier systems between October 25, 2016 and January 19, 2017 allowed the unauthorized access.

via Companies with data breaches in 2018 – Business Insider

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Share This