Missing the Target – 40 million consumers may be affected
Target confirmed yesterday that data on up to 40 million credit and debit card accounts may have been stolen – presumably including customer names, account numbers, and security codes. (See Target press release here). While the story is very much still unfolding and no two accounts of it seem quite the same, it seems Target must have been compromised at the corporate level – in order to gain the wide depth of coverage that the thieves appear to have reached. I’m sure we’ll hear more in the next few weeks.
Sources for more coverage:
From the Target corporate website:
We wanted to make you aware of unauthorized access to Target payment card data. The unauthorized access may impact guests who made credit or debit card purchases in our U.S. stores from Nov. 27 to Dec. 15, 2013. Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause. The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly to resolve the incident.
We began investigating the incident as soon as we learned of it. We have determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV.
We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future. Additionally, Target alerted authorities and financial institutions immediately after we discovered and confirmed the unauthorized access, and we are putting our full resources behind these efforts.”
From what we hear, Santa will not be stopping at the MIS department for Target Brands this year.
Checking your credit card accounts for unusual charges seems like a good way to spend the afternoon. If Target was hacked, surely other retailers are vulnerable too.