State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

Macy’s & Bloomingdale’s

Original Release Date: 7/17/2018

Summary

Macy’s reported that between April 26 and June 12, 2018, an unauthorized third party gained access to valid usernames and passwords for online accounts of some Macys[.]com and Bloomingdales[.]com customers. Information accessed through the customer profiles included names, addresses, phone numbers, email addresses, month and day of birth, and payment card information; CVV numbers and social security numbers were not exposed. According to a Macy’s spokesperson, only one-half percent of logged in customers were affected. Following the incident, Macy’s locked access to accounts associated with suspicious activity, required users to reset their passwords, and notified the major credit card companies of the breach. 

Recommendations

The NJCCIC recommends affected customers to monitor financial accounts for suspicious activity, notify their card issuers immediately if they notice unauthorized charges made to their accounts, and take advantage of the free credit monitoring services offered by Macy’s.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.