Hundreds, perhaps thousands, of debit and credit cards have been canceled locally due to a data breach of Kmart stores across the country.

Several local banks declined to comment on a specific impact, but the Jamestown Area Federal Credit Union indicated that more than 600 of its customer’s cards were forced to be canceled.

Vicky Burdick, CEO of the credit union, called such breaches a “nationwide issue” — not the work of some local criminal.

“It’s not like a criminal walked into the local Kmart store and stole this information,” she said. “This kind of data breach is usually a foreign entity breaking into K-mart’s database. It affects all K-marts in the country.”

Burdick said credit union customers whose cards were canceled can either receive a new card via the mail — a free process that can take up to 30 days — or by visiting a local branch and receiving an “instant issue” debit card for a $10 fee.

In a statement released May 31, Gareth Glynne, senior vice president of retail operations for Sears and Kmart, said the breach was the result of a “malicious code” undetectable by current anti-virus systems.

The company, he said, became aware of the incident when unauthorized credit card purchases were detected at some Kmart stores. Glynne said an investigation was quickly launched to review the company’s systems and secure the affected part of its network.

“Based on the forensic investigation, no person identifying information, including names, addresses, social security numbers, and email addresses, was obtained by those criminally responsible,” Glynne said, in his statement. “However, we believe certain credit card numbers have been compromised. All Kmart stores were EMV “Chip and Pin” technology- enabled during the time the breach occurred, and we believe the exposure to cardholder data that can be used to create counterfeit cards is limited. There is no evidence that kmart.com or Sears customers were impacted nor that debit PIN numbers were compromised.”

Kmart indicated the company is working closely with federal law enforcement authorities, banking partners and IT security firms in an ongoing investigation. The company said it is “actively enhancing” its defenses in light of this new form of malware.

In October 2014, Kmart experienced a similar breach when malicious software was blamed for stealing customer credit and debit card information. A spokesman for Sears said, at the time, the malware used was undetectable by anti-virus systems.