U.S.A: The Target Corporation (Retail Company) has confirmed a Target Credit Card Breach that resulted in compromised credit card information, but some of the details are still missing.
Chief Executive Officer Greg Steinhafel confirmed Thursday morning earlier reports that a brazen data breach had taken place. In a statement, Steinhafel said: “Target is working closely with law enforcement and financial institutions, and has identified and resolved the issue.”
The retailer said that the target credit card breach took place between Nov. 27 and Dec.15.
Who is affected?
Target says 40 million credit and debit cards may have been compromised. If you shopped at a U.S. Target store between November 27 and December 15, you should assume you’re at risk and keep a close watch on your account statements. It’s not clear whether every Target store was affected, but at least one card issuer says it’s seeing signs of fraud all over the United States, according to Krebs on Security. You’re not in any danger if you shopped at Target’s website, or one of the company’s Canada stores.
What information was taken?
Target says the attackers gained access to customer names, credit card or debit card numbers, card expiration dates and CVV security codes. Krebs on Security and the Wall Street Journal report that the thieves accessed data from the magnetic stripes stored on the back of credit and debit cards.
What’s the risk for Target shoppers?
The attackers could use magnetic stripe data to create counterfeit payment cards. The Wall Street Journal notes that crime rings often use these counterfeits to purchase gift cards at major retailers, and then convert them back to cash. The attackers could also withdraw cash from ATMs if they managed to steal PIN data from debit transactions, Krebs on Security notes.
How did this happen?
Security breaches often involve hacking into a company’s servers and making off with the data, but the Target breach appears to be different. According to the Wall Street Journal, this theft “may have involved tampering with the machines customers use to swipe their cards when making purchases.” How the thieves were able to compromise payment terminals on such a large scale is unclear.
What should Target shoppers do now?
Target recommends keeping an eye on your credit or debit card statements and calling your bank or card provider if you see any fraudulent activity. As a general rule, you should get a copy of your credit report periodically by visiting AnnualCreditReport.com or calling (877) 322-8228. You can also set up a fraud alert through the three nationwide credit reporting agencies, Equifax, Experian and Transunion.
The problem, as one Krebs on Security commenter points out, is that automatic fraud detection could fail if the thieves are able to localize the stolen card details and make purchases near where cardholders live. The only guaranteed way to avoid fraud is to cancel your card and get a new card number, but that might not be necessary if you keep a close watch on your statements.