Skip to main content
BoF Logo

Agenda-setting intelligence, analysis and advice for the global fashion community.

The Business of Fashion
Retail

Macy's Discloses Data Breach

The company reported a slump in sales after confirming customers were exposed to a data hack last month.
Macy's Store | Source: Shutterstock
By
  • Bloomberg

NEW YORK, United States — Macy's Inc. slumped the most in three months after confirming that some customers were exposed to a data hack while shopping on its website last month.

“We are aware of a highly sophisticated and targeted data security incident related to macys.com that affected a small number of customers during a one-week period in October,” the company said in an emailed statement.

Macy’s fell 11 percent. It was the second-biggest decline in the S&P 500 Index on Tuesday, trailing only Kohl’s Corp. which plunged 19 percent after disappointing investors with its latest quarterly earnings.

Kohl’s report renewed concerns on Wall Street that department stores are losing the fight for market share to other retailers. Meanwhile, the Macy’s hack could spook shoppers during the critical holiday period.

ADVERTISEMENT

“Consumers could become guarded, hindering shopping at Macy’s,” according to Poonam Goyal, an analyst with Bloomberg Intelligence.

Macy’s, which reports earnings on Nov. 21, brought in a forensic firm to address the threat and reported the incident to federal law enforcement for investigation. In a letter to those affected, the company said credit-card information and other data entered on the checkout page was captured by hackers. Macy’s said the issue has been resolved.

In addition to being notified about the hack, affected customers will receive instructions on how to enrol in consumer protection services, Macy’s said.

The company didn’t specify how many customers were affected by the breach.

The hack highlights the risks that retailers face as shoppers move increasingly online. In the spring of 2018, the parent company of Saks Fifth Avenue and Lord & Taylor, Hudson's Bay Co., said it had a data security issue at some of its North American stores, and security firm Gemini Advisory reported that over 5 million credit and debit card numbers from the breach were being sold online.

Macy’s has been hacked before as well, with a breach affecting a small number of customers last year.

By Kiley Roache, Jordyn Holman; Editors: Andrew Martin, Jonathan Roeder, Lisa Wolfson

In This Article
Topics
Organisations
Location
Tags

© 2026 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions

More from Retail
Analysis and advice from the front lines of the retail transformation.

The New Reality of Shipping to Saks

While $1.75 billion in court-approved funding has brought labels back to the fold, the real test for vendors will come when that temporary safety net vanishes later this year.

The Step-by-Step Guide to Brand Elevation | Case Study

A growing number of mass and premium brands are pushing upmarket with a more luxe look, better materials and, often, higher prices. This case study unpacks how these labels are navigating the tricky challenge of elevating a brand.

view more
Latest News & Analysis
Unrivalled, world class journalism across fashion, luxury and beauty industries.

Can Big Luxury Find Its New Look?

Sex sells — if anyone can figure out what sexy means in 2026. Robert Williams tracks the search for a new silhouette at Kering’s Gucci, LVMH’s Dior and more.

Estée Lauder’s Surprise Acquisition, Explained

The American cosmetic giant’s buyout of Ayurvedic beauty line Forest Essentials came as a surprise. By picking an under-the-radar brand it knows well, the company can show that it’s still in the M&A game without needing to outbid rivals.

VIEW MORE

The Business of Fashion

Agenda-setting intelligence, analysis and advice for the global fashion community.
CONNECT WITH US ON
© 2026 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions, Privacy Policy, Cookie Policy and Accessibility Statement.