Best Buy is warning that some of its customers’ payment information may have been compromised in a data breach.
The software company, (24)7.ai, says it discovered and fixed the breach in October. The attack may have exposed customers' names, addresses, credit card numbers, card security codes and expiration dates.
Best Buy offers chat services for customers coming to us via their phone or computer. We, like many businesses, use a third-party for the technology behind this service and that company, 7.ai, told us recently that they were the victim of a cyber intrusion. Their information suggests that the dates for this illegal intrusion were between Sept. 27 and Oct. 12, 2017. 7.ai has indicated that customer payment information may have been compromised during that time and, if that were the case, then a number of Best Buy customers would have had their payment information compromised, as well.
Since we were notified by 7.ai, we have been working to determine the extent to which Best Buy online customers’ information was affected. We have done that in collaboration with our third-party vendor and have notified law enforcement. As best we can tell, only a small fraction of our overall online customer population could have been caught up in this 7.ai incident, whether or not they used the chat function.
We are fully aware that our customers expect their information to be safeguarded and apologize to the extent that did not happen in this case. We encourage any customer with questions or concerns to visit a website we have established in response to this incident. We will contact any affected customers directly and want to assure them that they will not be liable for fraudulent charges that result from this issue. Additionally, free credit monitoring services will be available if needed.