Skip to main content

Target: Customer data breach affected up to 40M cards


Target Corp. is investigating a massive customer data breach that may have affected up to 40 million credit and debit cards of holiday-season shoppers at stores nationwide between Nov. 27 and Dec. 15.

The news was first reported late Wednesday by security columnist Brian Krebs on his website Krebsonsecurity. He said the breach involved magnetic stripe "track data" containing private customer information.

The data allow thieves to create counterfeit cards, and if PIN numbers for debit cards were also intercepted, those phony cards could be used to withdraw cash from ATMs.

Krebs reported the breach extends to nearly all Target locations nationwide. Target has nearly 1,800 U.S. stores.

Krebs advises shoppers to carefully watch their credit card statements for bogus charges. He said they should notify the bank that issued their cards in order to prevent being liable for any fraud.

The Minneapolis-based retailer confirmed the report in a statement, noting, "Target is working closely with law enforcement and financial institutions, and has identified and resolved the issue." Among other actions, "Target is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident."

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” Gregg Steinhafel, chairman, president and chief executive officer, Target, said in the statement.

The New York Times reports the Secret Service is among the agencies investigating the breach that began two days before Black Friday, the traditional kickoff for the holiday shopping season.

The Times notes that a similar breach of point-of-sale systems affected Barnes & Noble stores last year. Shoppers at 63 Barnes & Noble stores nationwide were affected, the newspaper notes.

American Express and Discover officials said they were "aware" of the incident and had fraud controls in place, CNN reported. A Master Card spokesman told USA Today that a question about the breach "at this point is best directed to Target."

Krebs noted that there are no indications yet that the breach affected customers who shopped at Target's online stores.

Twin Cities retail analyst Jim McComb told the Pioneer Press, "Presuming this is all true, it's probably one of the most serious things you can have happen, because it affects not only your store operations, it affects the lives and financial security of your customers."

McComb added the big worry is about any stolen data, but there's also the hassle of losing access to a credit or debit card during the busiest shopping week of the year.

It remains to be seen if the news will hurt Target sales in the final run-up to Christmas, the Star Tribune notes. The newspaper also notes that the biggest credit card breach at a U.S. retailer is believed to have been in 2007, when the parent company of TJ Maxx and Marshalls reported 45.7 million cards had been stolen by hackers over 18 months.

The Christian Science Monitor has the top 5 worst data breaches in terms of actual cost.

A sampling of reaction from the Twittersphere:

Next Up

police lights

Two St. Cloud area schools locked down as a 'precaution'

The move was precautionary, authorities stressed.

Brian O'Neill

Matthew Coller: What if the Vikings didn't have Detroit?

The Lions have been like two freebies on the Vikings' schedule the past three seasons.

water drain

MN will get $116M for water projects as part of infrastructure package

Nationwide, $7.4 billion will be distributed for projects next year.


3rd teenage death from COVID-19 reported in Minnesota

All three of the teenage deaths have occurred in the past three months.

crowne plaza hotel minneapolis mn

Former downtown Minneapolis Crowne Plaza to become boutique hotel

The hotel closed at the start of the COVID-19 pandemic and never reopened.

covid-19, coronavirus

Minnesota's COVID-19 update for Friday, December 3

The latest from the health department. The next update comes Monday.

Flickr - police lights squad siren - Edward Kimmel

Man who threatened suicide by cop detained, hospitalized

Officers responded to the incident at around 1:40 a.m. Friday.

northbound remodel facebook

Northbound brewpub reopens with new look, revamped menu

It had been closed since October for the big remodel.

Snow, Hanley Falls

Latest storm track, snow forecast for weekend winter storm

The National Weather Service has issued a winter storm watch.