Hundreds of thousands of online shoppers may have had their name, address, and credit information stolen by hackers thanks to a security issue with the online customer service software from [24]7.ai.

Customers that shopped online at Delta, Sears, Kmart, and Best Buy could have been affected thanks to malware that was infecting [24]7.ai’s online chat tool between September 26 and October 12, 2017.

[24]7.ai provides the live chat on those company’s websites. Your information may have potentially been compromised even if you didn’t use the chat tool but made a purchase online from one of the retailers during that time period.

Currently, none of the named companies have confirmed that information has been stolen, only that the opportunity for it to have happened was there, CNET reports. Delta has gone as far as to say that even if the breach did affect its site, that it would only impact “a small subset” of customers.

Source: Delta, Best Buy, and Sears Customers May Have Had Personal Info Stolen in Hack