The tech firm [24]7.ai, which handles customer data for the aforementioned corporations and Kmart, publicly confirmed the breach yesterday. The incident happened on or following September 27th, 2017 and was resolved by October 12th, but Sears was only informed of the breach in mid-March. The company learned that credit card information for under 100,000 of its customers was exposed.

In a statement, Delta assured that while a 'small subset' of its customers' information may have been available to the hackers, their passport, government ID and security data wasn't compromised. It's unclear whether that includes payment information, or if any data was accessed -- just that it was available to the intruders once [24]7.ai's systems were breached.