Target’s data breach exposes 40 million credit card numbers

Retail giant Target Corp. has confirmed its cash registers have been hacked, exposing about 40 million credit and debit card numbers.

The thieves managed to get customer names, card numbers, expiration dates, and the three-digit CVV security codes printed on most credit cards and debit cards from Target’s point-of-sales system. Only customers who visited Target’s brick-and-mortar stores were compromised.

In an announcement earlier today, the U.S.-based retailer said it had informed authorities and financial institutions, writes John Biggs for TechCrunch. However, there’s still no word on how the breach happened. In the meantime, Target has hired third-party forensic investigators to find out how it was done.

However, Biggs writes Target moved slowly on the breach. The first rumours of the attack started cropping up last week, when cybersecurity journalist Brian Krebs broke a story on how the thieves may have broken into Target stores’ wireless networks and scraped “track data,” the data that lives on each credit card’s magnetic track.

“Loss of the track information from the credit cards is particularly nasty as it can allow for card cloning. That said, just the cardholder’s name, card and security code has the potential for widespread online ordering fraud which can be particularly nasty considering we’re in the midst of the holiday season,” said James Lyne, global head of security research at data protection company Sophos Inc., in an interview with Biggs.

Data breaches aren’t exactly rare – in 2009, U.S. payment solutions provider Heartland Payment Systems Inc. lost 130 million card numbers in an attack, substantially more than Target. However, Biggs notes this is one of the most notable attacks to surface in a while.

When Biggs reached out to Target for comment, Target spokesperson Katie Boylan said the company was in an “ongoing investigation [and that] it was not appropriate to comment at this time … Target put all the appropriate resources on the issue.”

In the meantime, Target is telling its customers to stay “vigilant for incidents of fraud and identity theft.” It’s asking them to monitor their account statements and to use free credit reports.

Click the “Original Source Article” link for more.

Candice So
Candice So
Candice is a graduate of Carleton University and has worked in several newsrooms as a freelance reporter and intern, including the Edmonton Journal, the Ottawa Citizen, the Globe and Mail, and the Windsor Star. Candice is a dog lover and a coffee drinker.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web