A third-party used by Best Buy to provide online chat services suffered a cyber intrusion.
Just like any other large retailer, Best Buy allows you to chat with them online via a computer or phone as part of the shopping experience. But Best Buy’s chat services aren’t handled internally. Instead, the work is contracted out to a third-party. Now Best Buy is having to admit the third-party it chose has been hacked and customer payment information compromised.
The third-party in question is a company called 7.ai. It focuses on offering customer acquisition and engagement solutions, but between Sept. 27 and Oct. 12 last year, it suffered a “cyber intrusion.” During that time, data 7.ai had stored on its servers was accessed, and that includes Best Buy customer payment details.
Best Buy is now working to find out how many Best Buy customers are impacted by this breach as well as informing law enforcement of the situation. In a statement posted on the Best Buy website the company said, “As best we can tell, only a small fraction of our overall online customer population could have been caught up in this 7.ai incident, whether or not they used the chat function.”
Once the extent of the breach has been determined, Best Buy will contact customers directly to inform them their details were compromised. No customer will be liable for fraudulent charges and free credit monitoring services “will be available if needed.” In other words, wait for Best Buy to get in touch and let them handle the fallout.
In the meantime, if you’ve noticed any fraudulent activity on your account and think it could be related to this breach, contact Best Buy using the email address firstname.lastname@example.org. Also contact your bank and inform them to ensure no further fraudulent transactions occur on your account.