A previously announced data breach at Saks Fifth Avenue, Saks Off 5th and Lord & Taylor locations in the United States lasted about nine months before it was detected and shut down last month, Hudson's Bay Co. said Friday. The Toronto-based retail company announced the breach on April 1 but provided few details at the time. It said Friday that the breach began as early as July 1 last year but has been contained since March 31. HBC now says the breach was caused by malware, a type of software inserted into its system to collect customer payment card information, including cardholder name, payment card number and expiration date. It also said that it has arranged to provide potentially affected customers with identity protection services at no cost to them, including credit and web monitoring — a common practice with this sort of data breach.

Source: CBC News April 27, 2018 13:41 UTC