Target: Customer data breach affected up to 40M cards


Target Corp. is investigating a massive customer data breach that may have affected up to 40 million credit and debit cards of holiday-season shoppers at stores nationwide between Nov. 27 and Dec. 15.

The news was first reported late Wednesday by security columnist Brian Krebs on his website Krebsonsecurity. He said the breach involved magnetic stripe "track data" containing private customer information.

The data allow thieves to create counterfeit cards, and if PIN numbers for debit cards were also intercepted, those phony cards could be used to withdraw cash from ATMs.

Krebs reported the breach extends to nearly all Target locations nationwide. Target has nearly 1,800 U.S. stores.

Krebs advises shoppers to carefully watch their credit card statements for bogus charges. He said they should notify the bank that issued their cards in order to prevent being liable for any fraud.

The Minneapolis-based retailer confirmed the report in a statement, noting, "Target is working closely with law enforcement and financial institutions, and has identified and resolved the issue." Among other actions, "Target is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident."

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” Gregg Steinhafel, chairman, president and chief executive officer, Target, said in the statement.

The New York Times reports the Secret Service is among the agencies investigating the breach that began two days before Black Friday, the traditional kickoff for the holiday shopping season.

The Times notes that a similar breach of point-of-sale systems affected Barnes & Noble stores last year. Shoppers at 63 Barnes & Noble stores nationwide were affected, the newspaper notes.

American Express and Discover officials said they were "aware" of the incident and had fraud controls in place, CNN reported. A Master Card spokesman told USA Today that a question about the breach "at this point is best directed to Target."

Krebs noted that there are no indications yet that the breach affected customers who shopped at Target's online stores.

Twin Cities retail analyst Jim McComb told the Pioneer Press, "Presuming this is all true, it's probably one of the most serious things you can have happen, because it affects not only your store operations, it affects the lives and financial security of your customers."

McComb added the big worry is about any stolen data, but there's also the hassle of losing access to a credit or debit card during the busiest shopping week of the year.

It remains to be seen if the news will hurt Target sales in the final run-up to Christmas, the Star Tribune notes. The newspaper also notes that the biggest credit card breach at a U.S. retailer is believed to have been in 2007, when the parent company of TJ Maxx and Marshalls reported 45.7 million cards had been stolen by hackers over 18 months.

The Christian Science Monitor has the top 5 worst data breaches in terms of actual cost.

A sampling of reaction from the Twittersphere:

Next Up

Screen Shot 2020-11-25 at 7.34.43 AM

Watch: Drunk squirrel in Minnesota captures the world's attention

The squirrel was immediately cut off after nearly tipping over.

Screen Shot 2020-11-25 at 7.15.09 PM

Small town gym refusing to close facing lawsuit from attorney general

The gym is facing a lawsuit and a temporary restraining order to halt their operations.

credit card, payment

Money Gal Coaching: Bouncing back after living your best life

Kelly Blodgett started Money Gal Coaching after paying down nearly $50K in debt in 18 months.


When do stores open on Black Friday this year?

Many major retailers will be open Black Friday, some for extended hours.

police tape, crime scene

Man found dead outside home near Cass Lake

The man was reportedly shot outside the property.


Gov. Walz announces $1M in grants to boost Minnesota tourism

The money will be used for marketing efforts to attract people to Minnesota's hard-hit tourist spots.

coronavirus, ICU

Nov. 25 COVID-19 update: 72 deaths ties Minnesota's single-day high

A COVID-19 update will not be provided on Thanksgiving Day.


Revival to open its fourth Twin Cities location

The fried chicken and smoked meat maestros are moving to St. Louis Park.

Duluth and Case Recreation Center

St. Paul to open two extra temporary shelters for homeless people

Mayor Melvin Carter announced the new shelters will be opened in the event of excess demand.