Popular retailer Macy's has been hacked. The company provided notice of data breach in a letter to customers.
Macy's notified customers that on October 15, 2019 they found a suspicious connection between macys.com and another website. Based on an investigation, they believe an unauthorized third party added unauthorized computer code to two pages on macys.com. "The unauthorized code was highly specific and only allowed the third party to capture information submitted by customers on the following two macys.com pages: (1) the checkout page - if credit card data was entered and "place order" button was hit; and (2) the wallet page - accessed through My Account," says Macy's. The unauthorized code was removed on October 15. Macy's says customers checking out or interacting with the My Account wallet page on a mobile device or on the macys.com application were not involved in the data breach.