Two East Coast lawmakers are calling for the Federal Trade Commission to investigate Target Corp. after a massive security breach compromised the debit and credit card information of 40 million customers.
The Star Tribune reports Sen. Robert Menendez, D-New Jersey, a member of the Senate Banking Committee, stood outside a Target store Thursday to announce he had requested details from the Federal Trade Commission on whether it can fine firms for security breaches and to brief him on the agency's efforts to protect consumers.
Sen. Richard Blumenthal, D-Connecticut, also urged the FTC to step in, saying the agency has the authority to investigate security policies of companies, the newspaper says.
“If Target failed to adequately and appropriately protect its customers’ data, then the breach we saw this week was not just a breach of security; it was a breach of trust,” Blumenthal wrote in a letter.
Lack of trust could definitely dent Target's reputation in the long run. According to YouGov's BrandIndex, which asks an online panel of 2.5 million people to rate corporations, shows Target's brand plunged 35 points following the disclosure of the breach, CBS News reports. Since then, it's dropped even lower.
Target said this week that the U.S. Secret Service and U.S. Department of Justice are investigating the hack of its point-of-sale system, but emphasized the retailer is not being investigated by the agencies.
In addition to stolen information including consumer names, card numbers, CVV security codes and expiration dates, the Minneapolis-based retailer confirmed Friday that encrypted PIN data was also compromised in the breach, WCCO reports.
Although the PIN data was stolen, the encryption key was not. Target says it remains “confident that PIN numbers are safe and secure,” according to WCCO.
Brian Krebs, the same security blogger that broke the news of the breach, learned last week that some of the card numbers used at U.S. Target stores during the 19-day breach between Nov. 27 and Dec. 15 were already being bought and sold on the black market.
The Star Tribune reports the breach is a glaring example of how vulnerable the U.S. is to fraud because the country hasn't caught up with the rest of the world that's already shifted to EMV chip cards. The newer technology makes the data more secure and more difficult to clone a card.