Macy’s has announced a data breach caused by Magecart card-skimming code being implanted in the firm’s online payment portal. The code injection, believed to have been done on October 7, impacted the Macy’s checkout page and wallet page, the latter of which is accessed through the “My Account” facility. The amounts of customers may have been embroiled in the data-stealing campaign is still under water, which lasted at least a week before Macy’s knew of its compromise. However, a Macy’s spokesperson suggests that only a “small” number of customers were involved, and they would be offered consumer protection services for free.