Target: Data breach affected 70M; emails, phone numbers compromised

Author:
Updated:
Original:

Target Corp. says a recent data breach affected far more holiday-season shoppers than the 40 million who had been previously disclosed.

The Minnesota-based retailer also said more personal information may have been compromised than previously believed, including emails and home addresses.

"At this time, the investigation has determined that the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals," a Target press release published Friday says.

Fraud analyst Avivah Litan told the Pioneer Press the additional information that was stolen from those customers is not stored on point-of-sale devices used to access the payment card data. According to Litan, the thieves gaining access to another data source suggests that someone from inside helped.

"It definitely strengthens the case that this was someone embedded in the organization," Litan told the Pioneer Press. "Someone had inside knowledge, whether it was an insider, or an outsider working with an insider."

Target last month had said hackers between Nov. 27 and Dec. 15 stole other types of data – customer names, credit or debit card numbers, expiration dates and three-digit security codes for 40 million customers, the New York Times notes.

The Wall Street Journal reports that the company has clarified that "the 70 million people were separate from the approximately 40 million credit and debit card accounts previously reported as compromised, though there was some overlap."

A breach affecting 70 million or more would make it one of the largest security breaches of its kind ever, NBC News reported.

The new information was discovered by Target as part of its ongoing investigation into the data breach.

Target's press release adds: "Much of this data is partial in nature, but in cases where Target has an email address, the Company will attempt to contact affected guests. This communication will be informational, including tips to guard against consumer scams."

Target has set up a webpage with more information for consumers specific to the breach.

Target has stressed that consumers would not be held liable if their card data are ultimately used in fraudulent purchases. In a Facebook post Friday morning (below), Target said it would offer a year of free credit monitoring to all customers.

“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” said Gregg Steinhafel, Target's chairman, president and chief executive officer. “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.”

Target stock dropped in early Friday trading, Bloomberg reported. Target stock rose 6.9 percent in 2013.

Target officials on Friday also announced that the data breach hurt the retailer's bottom line in the all-important fourth quarter, noting that Target was lowering its outlook for fourth-quarter comparable sales revenue, to a drop of 2 percent to 6 percent.

Target said that stores had stronger-than-expected sales in the fourth quarter prior to the company’s Dec. 13 announcement about the card data breach. But store officials say they had "meaningfully weaker-than-expected sales since the announcement."

A few customers have already started to sue Target over the breach.

Next Up

police lights

Elementary school in Monticello closes due to 'active police incident'

An active police incident was reported Tuesday morning.

Michelle Young

Teacher from Edina steals Matt James' heart on 'The Bachelor'

She's also a former high school and college basketball star.

Screen Shot 2021-01-21 at 1.57.10 PM

Missing woman found dead in north Minneapolis

The 63-year-old's body was found three days after she was reported missing.

Mike Lindell, My Pillow CEO.

MyPillow CEO Mike Lindell has Twitter account 'permanently suspended'

The move was taken by Twitter due to apparent violations of its Civic Integrity Policy.

coronavirus, SARS-CoV-2

Minnesota confirms America's 1st case of Brazil P.1 COVID strain

The strain was found in a Twin Cities metro resident who recently traveled to Brazil.

classroom

Gov. Walz announces education plan aimed at eliminating disparities

The plan covers seven categories, including closing the racial education gap and improving opportunities in rural Minnesota

Tax forms

Charges: Otsego cleaning business underreported sales

An Otsego woman is accused of owing more than $20,500 in sales tax, penalties and interest.

Screen Shot 2020-04-17 at 2.58.26 PM

Walz gives vaccine providers 3-day, 7-day deadlines to use doses

Those that don't use their allocation will be given less in the future.

purse

Border officers seize more than $550K in counterfeit designer goods

The shipments of fake goods were seized on Jan. 22.

Related