US-based retailer Macy’s has reported an online data breach, which compromised customers’ personal data including credit card information.

The incident is found to have occurred between April and June this year. It exposed credit and debit card numbers and expiration dates, names, addresses, phone numbers, email addresses and birthdays of customers who shopped online at and

Macy’s said that its cyber threat alert tools identified suspicious login activity, where customer online profiles were accessed using valid usernames and passwords.

The attacker could not access credit verification values (CVV) or social security numbers, as they are not stored on the retailer’s online customer profiles, the retailer noted.

It is believed that the data has been obtained from an unauthorised third party source.

The retailer has blocked the profiles with suspicious activity, which can only be unlocked when a customer changes password for the profile.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

In a letter sent to the New Hampshire Attorney General’s Office, Macy’s said that it has notified Mastercard, Visa, American Express and Discover of the exposed card numbers.

The retailer also advised customers to routinely monitor their credit reports and alert the concerned card company in case of any unauthorised transactions.