Shoppers walk toward a Saks Fifth Avenue OFF 5TH department store at Jersey Gardens Mall, in Elizabeth, N.JNew Jersey Retailer Stores, Elizabeth, USA - 25 Oct 2017

Hudson’s Bay Co. said some of its Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America were hit with a “security issue involving customer payment card data.”

“The company deeply regrets any inconvenience or concern this may cause,” Hudson’s Bay said in an Easter Sunday statement. “HBC wanted to reach out to customers quickly to assure them that they will not be liable for fraudulent charges that may result from this matter.

“HBC has identified the issue, and has taken steps to contain it,” the retailer said. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”

HBC said there was no indication that the firm’s e-commerce operations or Hudson’s Bay, Home Outfitters, or HBC Europe were impacted and encouraged customers to review their account statements and contact their card issuers if they see any anomalies.

The firm said it is “working rapidly with leading data security investigators to get customers the information they need, and the investigation is ongoing. HBC is also coordinating with law enforcement authorities and the payment card companies.”

While the exact nature of the security concern is still unclear, the breach comes amid a growing national debate about how companies use and protect consumer data — a debate made more intense by revelations that Facebook data was used to inappropriately target voters in the last presidential election.

Hudson’s Bay has plenty of company in retail and fashion, where firms such as Target Corp., The TJX Cos. Inc. and others have been targeted in various ways over the last decade as criminals become more savvy and target retailers.

Under Armour Inc. on Thursday said the information of as many as 150 million people was compromised late last month after “an unauthorized party” took unspecified data from its MyFitnessPal app, which helps users track calories and record their meals and workouts.