TARGET BREACH: 40 Million Credit Cards Compromised

target

NEW YORK (CNNMoney) — A breach of credit and debit card data at discount retailer Target may have affected as many as 40 million shoppers who went to the store in the three weeks after Thanksgiving, the retailer said Thursday.

Late Wednesday, the Secret Service, which is charged with safeguard the nation’s financial infrastructure and payment systems, confirmed it was investigating the breach.

Spokesman Brian Leary declined further comment.

The breach first came to light via a report from respected security researcher Brian Krebs that said Target had suffered a data breach around the time of Black Friday last month “potentially involving millions of customer credit and debit card records.”

Target, the nation’s No. 2 general merchandise retailer after Wal-Mart Stores, said cards used at the brick-and-mortar stores between Nov. 27 and Dec. 15, 2013, may have been impacted.

The retailer said it notified authorities and financial institutions immediately after it was made aware of the unauthorized access, and had hired a forensics team to thoroughly investigate how the breach may have happened.

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence,” said CEO Gregg Steinhafel in a statement. “We regret any inconvenience this may cause.”

The thieves reportedly gained access to data on the magnetic strips of shoppers’ cards, potentially allowing them to produce counterfeit versions, according to Krebs.

The thieves could also potentially withdraw cash from ATMs using counterfeit debit cards if they were able to intercept PIN data from Target, he said.

American Express and Discover both said they were “aware” of the incident and had fraud controls in place.

“This is an ongoing investigation,” an AmEx spokeswoman said, declining to comment further.

MasterCard referred questions to Target; Visa did not respond to requests for comment.

Target competitor TJX Companies — which operates discount retail chains T.J. Maxx and Marshalls — fell victim to one of the worst security breaches ever back in 2006, when hackers gained access to at least 94 million domestic and international accounts containing credit card, debit card, and check information.

CNNMoney’s Greg Wallace, Julianne Pepitone, James O’Toole and Chris Isidore contributed to this report.

3 comments

  • Bob

    who’da thunk firing American tech workers and replacing them with foreign workers who have a place to run to when they steal would be a security risk?

    hard to see that one coming…

    say buh-bye to your credit scores, target shoppers, looks like YOU are the ‘Target’

  • Bob

    fa la la, fa la la…attention Target shoppers…your cards have been compromised, your accounts stoen and your credit ruined…happy holidays and thank you for shopping taget…but dont come back, because your credit will be declined…fa la la, fa la la

  • Troy Hendrickson

    It’s not just Target, we made an online purchase at Lowes Friday night, Saturday morning there were 23 charges from Lowes on our card, nothing seemed to correspond to what we ordered and the total was a lot more than what we had purchased. About the same time our card issuer locked the card for suspected fraud, still can’t any real answers from Lowes.

Comments are closed.

Follow

Get every new post delivered to your Inbox.

Join 910 other followers