Target says hackers likely accessed 40 million cards
Thieves pilfer data stored on magnetic stripes of credit and debit cards used by holiday shoppers, Target confirms
IDG News Service - Target has confirmed that data from about 40 million credit and debit cards was stolen at its stores between Nov. 27 and Dec. 15.
The statement from the retailer Thursday follows reports that thieves had accessed data stored on the magnetic stripe on the back of credit and debit cards during the Black Friday weekend through card swiping machines that could have been tampered with at the retailer's stores, a practice known as card skimming.
The data could have been used to create counterfeit cards that could even be used to withdraw money at an ATM, according to the reports.
The card information that may have been compromised includes the name of the customer, credit or debit card number, the cards expiration date and the three-digit CVV security code, Target said in a note to customers. Shoppers at its online store Target.com or at physical stores outside the U.S were not affected, it added.
Target said it "is working closely with law enforcement and financial institutions, and has identified and resolved the issue." It also said it was working with an outside forensics firm.
Customers who suspect unauthorized activity should contact the company, Target said.
Security news writer Brian Krebs reported Wednesday that it was first thought that the breach extended from just after Thanksgiving 2013 to Dec. 6. But investigators found evidence that the breach may have lasted up to Dec. 15, which has now been confirmed by Target.
Millions of cardholder accounts may have been vulnerable after the breach that is believed to have affected about 40,000 card machines at store registers, The Wall Street Journal said, quoting people familiar with the situation. Sources at two of the top 10 card issuers told Krebs that the breach had affected nearly all Target locations in the U.S.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts