Retail giant Target has confirmed that debit and credit account information of roughly 40 million U.S. customers who made in-store transactions between November 27 and December 15 has been stolen. The company, which operates nearly 1,800 stores in the U.S. and more than 120 in Canada, has claimed it has “identified and resolved” the massive security breach and is now working directly with banks and law enforcement agencies to further monitor the situation.
“As of December 15, we identified an unauthorized access and were able to resolve the issue,” said Target spokeswoman Molly Snyder in an email to the New York Times. Gregg W. Steinhafel, Target’s chairman and chief executive, added, “We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”
In addition to customers’ credit and debit account information, card expiration dates and three-digit securities codes were also compromised, according to Target representative. Although online customers are said to not have been affected by the security breach, the company is urging all customers to be vigilant in monitoring their personal credit and debit purchasing activity.
News of the security breach surfaced Wednesday, December 18, after Brian Krebs, a security blogger, published a report in which “multiple reliable sources” said a data breach began “on or around” Black Friday last month. Krebs’ alert was updated the following day once Target released its official statement and acknowledged the breach had, in fact, begun two days earlier than initially reported.
According to the Times, traditional, in-store point-of-sale systems have become a popular target in recent years because it’s easier for cybercriminals to steal customers’ information. In many cases, the Times report continued, criminals will then attempt to sell customers’ financial information in bulk on the black market, where it can be used to create counterfeit credit and debit cards.
According to a report published online by Information Security Media Group (ISMG), both MasterCard and Visa have issued alerts to cardholders about the security breach. One anonymous executive told ISMG that MasterCard has so far issued nine alerts to consumers whose information may have been compromised in the breach.
In light of this information, our attorneys are currently investigating whether consumers can take legal action against Target over this data breach. If you believe your credit and/or debit information has been compromised, please fill out Morgan & Morgan’s free case review form to contact an attorney today.