It’s been revealed that a data breach at US retail chain Kmart that compromised card details lasted over a month. The discount department store said that the malware was discovered last week but had been operating since early September. Based on its investigation so far, the company said that it believes credit and debit cards were exposed but that no personal information, PIN numbers, email addresses or social security numbers were accessed.

The incident is the latest in a string of cyber-attacks on American retailers. Last week, restaurant chain Dairy Queen revealed that hackers had stolen names, card numbers and expiration dates of around 600,000 cards across 395 of its restaurants. There have also been huge recent attacks on Home Depot, in which 56 million cards were affected, and on Target, when 40 million cards were compromised in the run-up to Christmas 213.

It’s not thought that the breached information is being used to create counterfeit cards or encumber customers with bills for items that they haven’t bought. Nevertheless, the attack is a reminder and a warning to retailers that the sheer size of their computer networks makes them an attractive target to hackers. By improving detection times, large chains will reduce the damage caused by such breaches and better protect both their customers and their reputation.