Target, the nationwide retail giant, is investigating a data breach involving millions of customer’s debit and credit card information. According to reliable sources, the breach occurred on Black Friday 2013. The breach extends throughout Target locations nationwide.
Minneapolis-based Target Brands Inc. hasn’t responded to requests for information, but did say that nearly 40 million customers throughout the U.S. who used credit cards at Target between Nov. 27 and Dec.15 are vulnerable. The breach compromised debit and credit card information of Target customers who purchased products at the company’s stores during that timeframe. Federal agencies are investigating the breach.
“The breach window is definitely expanding. We can’t say for sure that all stores were impacted, but we do see customers all over the U.S. that were victimized,” said a source from a bank card issuer who prefers to remain anonymous.
The compromised data, known as “track data,” allows the attacker to create counterfeit cards by converting the information onto a random card with a magnetic stripe. According to CNN, Target admitted that PIN data for the debit transactions was also intercepted, however they assure customers that the data was properly encrypted. If the thieves manage to break the PIN codes, the stolen debit and credit information could easily be reproduced to withdraw cash from ATMs.
Examples of Similar Data Breaches and The Methods Used by Thieves
In 2007, retailer TJX experienced a data breach that could explain the data breach at Target. The company’s data breach was the result of thieves using the store’s wireless networks to access systems at its headquarters. The systems were used to store data related to payment and return transactions. The thieves managed to steal customer credit and debit data from more than 45 million.
Furthermore, credit card processor Heartland Payment Systems experienced a data breach in 2009. The breach was the result of thieves breaking into the internal card processing network and installing malicious software to steal track data from 130 million cards.
The U.S. Is Falling Behind When It Comes To Credit Card Technology
The U.S. is one of the last countries in the world to migrate from credit cards with a magnetic strip to those with a microprocessor. Cards with microprocessors are more difficult to reproduce. These EMV (Europay, MasterCard and Visa) cards have been adopted in 80 countries and are widely used in Europe. But only about one percent of the U.S. market uses this technology. Some analysts suggest banks, credit companies and retailers don’t want to spend the money to switch out the cards and swipers.
The take-home message is to ensure your PIN number is changed if you believe your card data was compromised. Also be sure to carefully check all transactions on your bank statements. If you see anything suspicious, contact your bank immediately.