Target Holiday Cyber Breach Hits 40 Million Payment Cards
Post date: Dec 19, 2013 8:8:32 PM
Shoppers at a Target in Washington have mixed reactions to the news that hackers might have stolen data from some 40 million credit and debit cards of shoppers who visited its stores during the first three weeks of the holiday season.
WASHINGTON, D.C., UNITED STATES (DECEMBER 19, 2013) (REUTERS) - Target Corp said hackers might have stolen data from some 40 million credit and debit cards of shoppers who visited its stores during the first three weeks of the holiday season in the second-largest such breach reported by a U.S. retailer.
In terms of the speed at which the hackers were able to access large numbers of credit cards, the data theft was unprecedented. It took place in the 19 days from the day before Thanksgiving to Sunday (December 15), in the heart of the crucial Christmas holiday sales season.Target, the No. 3 U.S. retailer, said on Thursday (December 19) that it was working with federal law enforcement and outside experts to prevent similar attacks in the future. It did not disclose how its systems were compromised.
Experts said the incident could not have come at a worse time for Target, which is working to woo sales away from rivals in the last week of the holiday shopping season.
At a Target store in Washington, D.C., shoppers had a mixed reactions to the news.
One shopper Chantelle Smith told Reuters Television using credit cards at Target was no longer an option.
"It's horrifying. I come in here all the time, but I refuse and I will never swipe my card in Target ever again. I will shop in Target, but I will not use my credit card to shop there, only cash," Smith said.
But, other shoppers said they felt comfortable using credit and debit cards at the store and said cyber theft is part of shopping in the 21st century.
"Target is like all the big businesses you know, cyber theft is cyber theft. You take a chance nowadays with technology being the way it is, you are not safe anywhere really," said shopperKevin Smith, who formerly worked at the Washington, D.C. Target.
"I will use my credit card and I wouldn't hesitate to do it," shopper George Morgan said.
"I think it happens all the time and it just depends on, it just happened to happen to them this season," shopper Leila Dirci said.
The largest breach against a retailer, uncovered in 2007 at TJX Cos Inc, led to the theft of data from more than 90 million credit cards over about 18 months.
Since then, companies have gotten far more adept at identifying intruders. But criminals have responded by developing more-powerful attack strategies, spending months on reconnaissance to launch highly sophisticated schemes with the goal of extracting as much data as they can in the shortest period of time.
Investigators believe that hackers compromised software installed on point-of-sales terminals that customers use to swipe magnetic strips on cards when paying for merchandise at Target stores, according to a person familiar with the investigation but not authorized to discuss the matter.
The company's shares were down 1.9 percent at $62.32 on the New York Stock Exchange, while the Standard & Poor's 500 stock index fell 0.2 percent.
Target warned customers in an alert on its website that the criminals had stolen names, payment card numbers, expiration dates and security codes.