Macy's Warns Customers of Data Breach The cyber threat targeted a small number of customer profiles for almost two months. Macy's cyber threat alert tools detected suspicious login activities on June 11. This "suspicious activity" was being done by a third party. According to the retailer, the third party obtained the information from a source other than Macy's. From April 26 to June 12, the third party was using valid usernames and passwords to gain access to the customers' accounts. Macy's blocked the profiles that seemed to be breached by the third party on
June 12. Those profiles will remain blocked until users change their password. The company warned customers to "remain vigilant" for fraud and
identity theft.