Hudson's Bay, the parent company of Saks Fifth Ave, confirmed in April that a data breach compromised payment systems and therefore customer's credit and debit cards.
Estimates of the amount of affected customers have not yet been released, but could number in the millions. Online customers were not affected.
Hudson's Bay also owns Lord & Taylor, whose stores were also affected by the breach.
Under Armour confirmed in March that data from its MyFitnessPal app was accessed by an ""unauthorized party."
Payment information was not released, but the app is used to track weight loss and information pertaining to that likely leaked. More than 150 million people's information was likely compromised.
Panera Bread confirmed on April 2 that it was notified of a data leak on its website.
Personal information, including names, addresses, and partial credit card numbers may have leaked, though the company says the investigation is ongoing.
The flaw in the website was fixed as of Monday, but up to 37 million people's information could have been leaked according to an estimate.
Forever 21 alerted its customers in November that some of their information may have been stolen.
A flaw in the store's cashier terminals may have inadvertently exposed data like credit card numbers, expiration dates, and internal verification codes to hackers. Customers that shopped in stores form March and October 2017 were vulnerable.
Sonic told Business Insider in September that it detected "unusual security regarding credit cards being used at Sonic."
Credit cards from 5 million customers may have been stolen, as most of the chains more than 3,600 locations use the same payment systems.
Whole Foods announced in August that it "recently received information regarding unauthorized access of payment card information."
A flaw in the point-of-sale system used by the chain's taprooms and table-service restaurants were affected, but not the store system itself, which uses a different stack of technology.
Kmart confirmed in June that credit card information was stolen from shoppers who came into its stores.
The store did not confirm how or when the data was stolen, but did say other personal details were not also taken.
Gamestop confirmed a data breach in April 2017. Customers that shopped online were vulnerable for a six-month period, from August 10, 2016 to February 9, 2017.
Names, addresses, and credit card information were all taken in a breach of the website's payments processor.
Arby's confirmed in February 2017 a data breach may have affected 355,000 credit and debit cards used at its stores.
Malware affecting the chain's cashier systems between October 25, 2016 and January 19, 2017 allowed the unauthorized access.