Business

Target says 40 million credit, debit card accounts may be breached

Black Friday (shopping)Target Brands, Inc.Cyber Crime

Target said Thursday that data on 40 million of its customers’ credit and debit card accounts may have been breached by cyber-crooks during the busy holiday season.

The Minneapolis retailer said the unauthorized access – which occurred between the Nov. 27 start of Black Friday weekend and Dec. 15 – may mean that criminals now have shoppers’ names, payment card numbers, expiration dates and three-digit security codes at their disposal.

The breach affects Target patrons who made purchases at U.S. stores, the company said.

The chain said it is working closely with law enforcement agencies and financial institutions, “putting all appropriate resources behind these efforts.”

The company also said it is partnering with a third-party forensics firm to investigate the situation.

Target said customers should now stay on the lookout for fraud and identity theft and contact their banks and the Federal Trade Commission if they notice anything suspicious. Shoppers were cautioned to regularly check their account statements and free credit reports; the chain even suggested setting up fraud alerts.

[Updated, 7:25 a.m. PST  Dec. 19 : The breach was originally reported by the KrebsOnSecurity blog, which, citing anonymous sources, said that the data break-in extended to nearly all of Target’s 1,797 stores nationwide.

Black Friday is considered to be the top shopping day of the year in terms of revenue and traffic, according to research firm ShopperTrak. Many stores also opened on Thanksgiving this year and then extended doorbuster-type deals through the middle of December.

Target opened at 8 p.m. on the holiday and reported lines out the door at many of its stores.

The breach is already looking as if it may be one of the largest to date for a retailer. In 2007, T.J. Maxx and Marshalls parent company TJX Cos. said hackers had entered its computer systems and weren’t detected for more than a year.

TJX had about 50 million credit and debit card accounts on file. The company in 2009 agreed to pay $9.75 million to 41 states, including California, to settle an investigation of the breach.]

[Updated, 7:45 am. PST Dec. 19: In a statement, Visa Inc. noted that the breach is “affecting all major card brands” but said that “because of advanced fraud-monitoring capabilities, the incidence of fraud involving compromised accounts is actually rare.”

Visa said that its cardholders are shielded from sham purchases with a zero-liability protection policy.]

ALSO:

Retailers battle sophisticated shoplifting teams, 'CSI' style

Global Payments data breach affects 1.5 million credit cards

TJX agrees to pay $9.75 million to 41 states in data breach case

Copyright © 2014, Los Angeles Times
Related Content
Black Friday (shopping)Target Brands, Inc.Cyber Crime
  • 5 things you can do to protect yourself after Target data breach
    5 things you can do to protect yourself after Target data breach

    Target said Thursday that 40 million of its customers’ credit and debit card data may have been stolen by cyber-crooks during the busy holiday season.

  • Top toys for 2013
    Top toys for 2013

    Parents are set to pack the halls at major retailers as the season heads toward Christmas Day. The National Retail Federation says that while classic toys such as Lego and Barbie remain top choices, less traditional items are also gaining ground. The trade group study, conducted by Prosper...

Comments
Loading