The data breach was said to have originated at a software seller known as 7 which provides business with online chat services.
Sears said less than 100,000 or its customers were affected while hundreds of thousands were potentially affected at Delta.
The website Gizmodo said credit card numbers, CVV numbers, and expiry dates were among the details that had been exposed along with customers' names and addresses.
“Customers using a Sears-branded credit card were not impacted,” Sears said. “In addition, there is no evidence that our stores were compromised or that any internal Sears systems were accessed by those responsible.”
Delta said in a statement: "Upon being notified of 7.ai's incident, Delta immediately began working with 7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system.
"We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by 7.ai last October.
"At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised."