Target customers' card data at risk after store thefts
The information may have been stolen through card devices at Target stores, according to reports
IDG News Service - Credit and debit card information of many Target customers may have been stolen during the Black Friday weekend, according to reports.
The thieves got access to data stored on the magnetic stripe on the back of the credit and debit cards through card swiping devices that could have been tampered with at the retailer's stores, reported the Wall Street Journal on Wednesday, citing people familiar with the matter.
The data on the stripe could be used to make counterfeit cards. If the thieves also intercepted PIN (personal identification number) data for debit transactions, they "would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs," wrote security news writer Brian Krebs.
Target did not immediately respond to a request for comment.
Millions of cardholders could be vulnerable as a result of the breach that is believed to have affected about 40,000 card devices at store registers, the Journal said, citing people familiar with the incident. The breach extends to nearly all Target locations in the U.S., said Krebs, who quoted unnamed sources at two of the top 10 credit card issuers.
Krebs reported that it was initially thought that the breach extended from just after Thanksgiving 2013 to Dec. 6. But investigators found evidence that the breach lasted longer, possibly as far as Dec. 15, he reported, citing two unnamed sources.
The Secret Service is investigating the breach but would not discuss details of an ongoing investigation , a spokesman told the Wall Street Journal.
A breach of credit card information was reported last year by Global Payments. The payments processing services company said information on up to 1.5 million card numbers may have been "exported" as a result of an unauthorized access into its processing system.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Cybercrime and Hacking White Papers | Webcasts