Macy’s Inc. on Tuesday said customer data may have been stolen from its website over a roughly one-week period in October.
“We are aware of a highly sophisticated and targeted data security incident related to macys.com that affected a small number of customers during a one-week period in October,” Macy’s said in an e-mailed statement.
Macy’s didn’t specify how many individuals were affected by the breach.
According to Bloomberg, Macy’s said it retained a forensic firm to address the threat and reported the incident to federal law enforcement. A letter to those affected indicated credit-card information and other data entered on the checkout page were captured by hackers. Macy’s said the issue has been resolved. Affected customers will receive instructions on how to enroll in consumer protection services.