Credit card breach at Target investigated

  • 19 December 2013
  • 7 replies
  • 24 views

Userlevel 7
"The Secret Service is investigating a reported credit card data breach at discount retailer Target.
Secret Service spokesman Brian Leary confirmed the investigation Wednesday evening. He declined to comment further."
 
"Leary's comments came following a report from respected security researcher Brian Krebs that Target had suffered a data breach around the time of Black Friday last month "potentially involving millions of customer credit and debit card records.""
 
Full Article
 
It may be the season to be jolly, but it is also quite possibly the most active season of the year for theft, fraud, and Identity Theft.  Stay aware and stay safe!
 
EDIT 12-23-2013:  We now know that some 40 million credit cards were hacked.  Reports indicate that at least some of these numbers have been seen up for sale on the 'black market', and also many reports of card numbers being used.
 
Thread title changed to reflect this is no longer a 'potential' breach.

7 replies

Userlevel 7
Badge +54
A breach of credit and debit card data at discount retailer Target may have affected as many as 40 million shoppers who went to the store in the three weeks after Thanksgiving, the retailer said Thursday.
 
Follow-up article
Userlevel 7
You beat me to the additional details 🙂  Yes, looks like the problem goes from around Black Friday up until December 15th.
 
More Details 
Userlevel 7
I shopped there once during that time. Grrrr.
Userlevel 7
Badge +54
Bit of a disturbing but not surprising update here for those who are affected by it.
 
Stolen Target customer data 'flooding' black markets, report says

Brian Krebs, the former Washington Post reporter who first broke the Target security breach on his blog earlier this week, filed an update to Krebs on Security on Friday.

Basically, according to Krebs, all of that information has been circulating underground black markets around the world for weeks now.

    There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country. But this store has earned a special reputation for selling quality “dumps,” data stolen from the magnetic stripe on the backs of credit and debit cards. Armed with that information, thieves can effectively clone the cards and use them in stores. If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim’s bank account.

The big box retailer affirmed Krebs's original scoop that the breach lasted from the day before Thanksgiving (November 27) through December 15. During that time, the still-unidentified hackers illegally obtained customer names, credit and debit card numbers, card expiration dates as well as CVVs (the three-digit security code), according to a letter to customers.

Target is working with the United States Secret Service, among other law enforcement agencies, to track down the culprits.
 
Full Topic
 
 
Userlevel 7
Badge +54
Target's acknowledgement Friday that personal data of 70 million people, not 40 million as previously thought, may have been exposed to hackers in a recent data breach raises new questions about the incident and how it could affect victims.

Target today said that an ongoing investigation of the data breach has revealed that "guest information" such as names, mailing addresses, phone numbers, and email addresses of customers may have been accessed by the same thieves who hacked into its systems last month.

Much of the exposed data is "partial in nature," the company said in a statement this morning. In cases where a customer email address is available, Target said it would attempt to contact affected individuals.

"We know that it is frustrating for our guests to learn that this information was taken and we are sorry they are having to endure this," said Target chairman and CEO Gregg Steinhafel in the statement.

Target in mid-December revealed that hackers had broke into its systems between Nov. 27 and Dec. 15 and accessed data on up to 40 million debit and credit cards. At the time, Target said that hackers gained access to cardholder names, credit or debit card numbers, card expiration dates and CVV security codes.

Target now says that its subsequent investigation found that data from 30 million more people was exposed. "This theft is not a new breach, but was uncovered as part of the ongoing investigation," the company said.
 
Full Topic
Userlevel 7
That is indeed a lot worse. Thank you for the update!
Userlevel 7
@ wrote:
I shopped there once during that time. Grrrr.
We almost did. My wife and I were out shopping during this time on our way to Petsmart for a new brush for our dog. We passed Target and she said that she hadn't visited Target for a long long time, to drop her off at Target while I shopped at Petsmart. I suggested to her that we'll go to Target after Petsmart. After buying a brush and a few odds & ends for our dog at Petsmart I made a suggestion to take her out to lunch, I'm buying. lol. We went to lunch (because I didn't want to go to Target) and then went home, never going to Target. Well spent money for lunch that day. 😃

Reply