US Retail: Target data breach affects 40 million accounts, payment info compromised

0
308

December 19, 2013

WASHINGTON DC: Target said Thursday that credit and debit card account information for 40 million of its customers may have been stolen during the height of the holiday shopping season.

December 19, 2013

WASHINGTON DC: Target said Thursday that credit and debit card account information for 40 million of its customers may have been stolen during the height of the holiday shopping season.

The retailer, which has more than 1,500 stores throughout the U.S., said the customer names, debit or credit card numbers, card expiration dates were taken, along with the three-digit security codes often imprinted on the backs of cards, known as CVVs. With that information, it would be easy for criminals to ring up purchases on most Web sites.

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence,” Gregg Steinhafel, Target’s chairman, president and chief executive officer said in a statement. “We regret any inconvenience this may cause.”

Target said it immediately notified law enforcement authorities and financial institutions after discovering the breach, though this is its first notice to customers. It is also working with a third-party forensics firm to investigate the incident and strengthen its systems, the company said.

The breach is being investigated by the Secret Service, according to several media reports.

The breach affected those who shopped in a Target store — not online — between Nov. 27 and Dec. 15. Consumers and companies are at particularly high-risk for data breaches during the holidays, as the increased volume of transactions can mask other irregularities that can tip companies off to a problem.

“We take this matter very seriously and are working with law enforcement to bring those responsible to justice,” Steinhafel said.

Target spokeswoman Molly Snyder declined to comment on how customers data were stored or encrypted prior to the attack, saying that would be part of the ongoing investigation. “In terms of overall practices, we continually and continue to make sure that our information is protected,” Snyder said.

Target recommended that its customers check their credit reports for any indication of fraudulent activity and contact law enforcement and the Federal Trade Commission to report any incidents of identity theft.

The retailer has also set up a hotline for those who believe they may have been affected by the breach. Target customers who have noticed irregular activity on their accounts should call the firm at 866-852-8680.

The company’s stock was down nearly 2 percent in early trading.


Courtesy: WashPost