[Updated (2018-04-06 22:18 UTC): According to a report at c|net, the breach also affected: Sears, Kmart, and now Best Buy, too. --martyb]
Delta Says Data Exposed for 'Several Hundred Thousand' Customers
Delta Air Lines Inc. said a cyber attack on a contractor potentially exposed the payment information of "several hundred thousand customers."
A data breach from Sept. 26 to Oct. 12 at a company called [24]7.ai allowed unauthorized access to customers' names, address, payment-card information, CVV numbers and expiration dates, Delta said in a statement Thursday. The vendor, which provides online chat services to Delta, notified the carrier and other clients last week.
[...] Delta said it wasn't yet able to say how many customers actually had their data stolen. The information was at risk if a customer entered data manually online to complete a payment transaction, Delta said. Data from customers who used a program called Delta Wallet weren't compromised.
Delta statement and response website.
Also at The Verge.
(Score: 3, Insightful) by Thexalon on Friday April 06 2018, @09:52PM
It depends on who you're asking.
Do they matter to the people whose data was breached? Yup, they do, because it means they could have lost a bunch of money without realizing it, and/or had their identity stolen. That second one in particular cannot be fixed by re-issuing a credit card, nor by offering identity protection insurance for a particular length of time (because the thieves can always use the data after the length of time is up).
Do they matter to the company who goofed and lost the data? Not really. And here's your proof [yahoo.com]: As soon as the noise dies down and a likely-innocent junior-level scapegoat is punished, everything is business as usual. That's why companies who experience breaches treat the situation first and foremost as a public relations problem, not a technical problem.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.