A data breach at an online customer services vendor may have exposed the credit card information of hundreds of thousands of customers at Delta Air Lines and Sears, the companies said this week.

The customer services company, [24]7.ai, suffered a malware attack last fall, but did not tell Delta or Sears about the issue until recently, according to Sears. The department store chain said it learned of the breach in mid-March, while Delta said it found out about the attack just last week.

The breach lasted from Sept. 26 to Oct. 12, 2017, Delta said in its statement alerting customers to the incident. Hackers may have accessed names, addresses, credit card numbers, CVV numbers and expiration dates for “several hundred thousand” customers during that time, according to the airline.

“At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” Delta said. The company added that other information, such as passports, government IDs, security and SkyMiles data, was not accessed.

On the Sears side, the company said “less than 100,000” customers were impacted, and that those using Sears-branded credit cards did not have their information exposed.

Delta created a website offering customers information about the security breach and Sears said it would have a hotline for customer questions by Friday morning.

[24]7.ai said Wednesday it had “contained” the incident and that its technology was now safe. “We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed,” the company said in a news release.

This breach represents the latest in a series of data incidents in recent weeks. Under Armour, Saks Fifth Avenue, Lord & Taylor and Boeing have all recently seen their data breached as well.

The Leadership Brief. Conversations with the most influential leaders in business and tech. Please enter a valid email address. Sign Up Now Check the box if you do not wish to receive promotional offers via email from TIME. You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy . This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Thank you! For your security, we've sent a confirmation email to the address you entered. Click the link to confirm your subscription and begin receiving our newsletters. If you don't get the confirmation within 10 minutes, please check your spam folder.

Write to Abigail Abrams at abigail.abrams@time.com.