Skip to main content

Infected online chat service stole payment info at Best Buy, Delta, Sears, more

Online chat service provider [24]7.ai, used by Delta, Best Buy, and numerous other companies faced a “cyber incident” from September 26 to October 12, 2017. The company didn’t notify its list of clients until last month, stating that hackers may have accessed “certain customer payment information.” SkyMiles, personal data, passport details, and other similar information was not compromised. 

In response, Delta said it took immediate action to assess the possible damage. 

“Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system,” Delta stated. “We also engaged federal law enforcement and forensic teams and have confirmed that the incident was resolved by [24]7.ai last October.” 

[24]7.ai discovered malware collecting payment information in its software on October 12, 2017. The chat service provider implemented a fix immediately, and then conducted an internal investigation with forensics and law enforcement between November 2017 and March 2018. Delta didn’t know about the incident until March 28 and removed the chat tool from its website the next day. Both [24]7.ai and Delta informed the public on April 4. 

The hack possibly affects only a “small subset” of Delta’s customers, but the company can’t confirm if customer data was actually accessed by hackers and compromised. The investigation is ongoing, thus Delta launched a dedicated website to provide the latest developments in the [24]7.ai attack. 

Delta’s site specifically states that malware present in software used by [24]7.ai potentially exposed payment information of several hundred thousand customers using Delta’s PC-accessed website. Even more, customers didn’t have to interact with the chat tool to be hit by the hack. The attack did not affect the Fly Delta app, the mobile website, or Delta’s computers. 

So what did the hackers obtain? Customer names, addresses, payment card numbers, CVV numbers, and expiration dates. Customers who used the Delta Wallet service weren’t affected, as the malware could only grab information entered on the screen. Delta Wallet “masks” this sensitive information. 

“Delta will be working diligently to directly contact customers, including by first-class postal mail, who may have been impacted by the [24]7.ai cyber incident,” Delta states. “Delta will also launch a dedicated phone line and website for the small subset of customers who were impacted so we can address their concerns.” 

Other companies affected by the [24]7.ai cyber incident include Best Buy, Sears Holdings Corp., and more. Sears said it wasn’t notified of the breach until mid-March and believes that the hack affected less than 100,000 customers. Upon notification, Sears informed credit card companies to prevent possible fraud. 

“Customers using a Sears-branded credit card were not impacted,” the company states in a blog. “In addition, there is no evidence that our stores were compromised or that any internal Sears systems were accessed by those responsible. [24]7.ai has assured us that their systems are now secure.” 

Best Buy says only a small fraction of its online customer population “could have been caught up in this [24]7.ai incident, whether or not they used the chat function.” 

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
The most common GoTo Meeting problems and how to solve them
Stock photo of man using laptop

GoTo Meeting is a great option for hosting meetings remotely, but like any other videoconferencing app, it still has issues that need troubleshooting. For this guide, we found four common problems GoTo Meeting users may encounter and the solutions to each of them. From audio issues to connectivity problems, let's look at these difficulties and the best ways to solve them.

Note: The following sections only reflect the interface of the latest version of the GoTo Meeting desktop app.
Annoying sound effects when people enter or leave meetings

Read more
How to download YouTube videos for offline viewing
A smartphone displaying YouTube on its screen as it lays on top of a laptop's keyboard.

YouTube might be a streaming-first video platform, but you can download YouTube videos, too. You can even download them for free with the right software, although simply being a YouTube Premium member is the most straightforward method. Having a YouTube video saved offline makes it easy to view it later, watch it when you're offline and away from a stable Wi-Fi connection, or just watch it multiple times without having to re-stream it.

Whatever reason you have for wanting to download a YouTube video, though, there are a range of ways to do it. Here's how.

Read more
The most common Skype problems and how to fix them
best mac apps for small business skype

Skype is an excellent option for video chats with your friends and family or conducting a videoconference call with your colleagues.  However, Skype is not without its bugs, hiccups, and issues that can make getting face-to-face with someone seem like an ordeal. To make things easier on everyone, we've compiled a selection of the most common Skype problems and how to fix them.
Video not working
If you can't get your camera to work or experience issues seeing other's connections, you might as well be using an actual telephone instead of Skype. Thankfully, these issues can usually be resolved with a bit of tinkering on your end, or they may just be service disruptions on Skype's end.

One of the more common problems that crop up is visual issues due to Skype not having access to your PC or phone's camera. For desktop users, open the Skype application and select the Three horizontal dots near the notification bell icon to access the Skype menu. Select Settings > Audio and video. If your picture fails to appear in the Skype camera preview window, you'll know there's a connection issue.

Read more