CHICAGO — Department store chain Macy’s alerted customers that their personal and payment information may have been hacked on the retailer’s website during a one-week period in October.
Macy’s said it reported the incident to federal law enforcement after it found a suspicious third party who added an unauthorized computer code on the retailer’s website on Oct. 7. In a letter sent to affected customers dated Nov. 14, Macy’s said hackers potentially had access to customer names, address, phone numbers and payment card information. According to the letter, Macy’s removed the code on Oct. 15.
An investigation by Macy’s found that the hacker’s code was able to capture information on the retailer’s checkout page and its wallet page.