Massive Target data breach affects in-store shoppers who used credit cards

Categories: Crime, Target
Target's downtown Minneapolis headquarters.
:::: ON A LIGHTER NOTE :::: Target Breach: Top 10 tweets

Target has confirmed a massive data breach jeopardizing the credit card information of about 40 million shoppers who made in-store purchases between Black Friday and December 15.

"We have determined that the information involved in this incident included customer name, credit or debit card number, and the card's expiration date and CVV (the three-digit security code)," a statement published this morning on Target's website says.

SEE ALSO: Target apologizes for labeling plus-size dress as "Manatee Gray"

If you used a credit card to shop at a Target store during the timeframe in question, "You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports," the statement continues.

Although specific details about how the fraud went down aren't clear at this point, the Wall Street Journal, citing "people familiar with the matter," reports, "The theft was national in scope and happened in stores, not online, and may have involved tampering with the machines customers use to swipe their cards when making purchases."

"This was obviously a very sophisticated crime," Target spokeswoman Molly Snyder told the Journal.

The Secret Service has confirmed it's investigating. Target officials, meanwhile, say the breach "has been resolved" and are assuring last-minute Christmas shoppers they can use their cards at Target "with confidence."

In a statement, Target CEO Gregg Steinhafel said, "Target's first priority is preserving the trust of our guests, and we have moved swiftly to address this issue so guests can shop with confidence."

"We take this matter very seriously and are working with law enforcement to bring those responsible to justice," Steinhafel continued.

The blog that first broke news of the data breach -- Krebs on Security -- reported that the breach involved nearly all of Target's 1,797 stores in the United States, citing sources at two credit card issuers.

"When all is said and done, this one will put its mark up there with some of the largest retail breaches to date," an unnamed source told Krebs.

-- Follow Aaron Rupar on Twitter at @atrupar. Got a tip? Drop him a line at

My Voice Nation Help
swmnguy topcommenter

This is why I don't use debit cards at all.  At least I have the chance to dispute a credit card charge, and I'm only liable for $50 (I think) at most.  In the past when my credit cards have been compromised I've been contacted directly by the card company.  Chase once called me in China when I was there and somebody got my card info and tried to use it.

Vic Sacramento
Vic Sacramento

I don't know what to think, please get Chris Kluwes opinion on this!

Tabitha Bogen
Tabitha Bogen

It's not just Target Visas and Red cards that were affected. My boyfriend and I bank at a credit union and $500 was taken out of his checking account debit card at in Wisconsin the other day while he was at work in Minneapolis. Tracing it back to the Target breach. Watch all credit and debit cards! These thieves are copying your card data and making new cards!!! That's why you always "see I.D." on your cards signature line. Unfortunately big corporations don't even check id's anymore... Infuriating!!!!

Stephanie Lauseng
Stephanie Lauseng

Super awesome that their website to manage your card isn't functioning for me to check!!!

Megan Bearce
Megan Bearce

Can't get through to cancel card. Tried last night, this morning...


I always keep my cards pretty much maxed out--so even if these thieves get my infomation, they can't steal much.

Danielle Mumble
Danielle Mumble

Well, I would love to log into their site and see if anything has happened with my account activity, but unfortunately the page won't load (probably because so many people are trying to check)

mingtran topcommenter

Can't shop small when the govern.ent won't let you shop


The reason that big retailers don't train their cashiers to check IDs is that their verification services are a.) insuring the business for any loss they suffer as a result of card fraud (ie verifone pays rather than the retailer), and b.) far more reliable at spotting through their detection algorithms than a relatively poorly paid cashier looking at a phot that is less than an inch square from 3-5 feet away. If a cashier at a big retailer DOES look at your id, they are doing it to make you feel better that you didn't waste your time writing "check ID" in the signature line. If they look at the card, they are not comparing your signature they are making sure the CVV code matches what the card says.

Less than one half of one percent of transactions are fraudulent and they earn an average of 1.5 to 2 percent on every swipe. Checking IDs just isn't worth the effort to the retailer.

That being said, you are absolutely right that the consumer needs to protect her accounts. If the banks and credit cards don't detect the frauds, it relies on the account holder to do so. The consumer isn't on the hook for the fraud as long as the fraud is reported immediately.

Also, figures it was in Wisconsin...freaking crooks over there.


Ya.  Looks who's laughing now financial adviser.  Advise me to pay off my cards and pay $100/yr for lifelock.

Now Trending

Around The Web

From the Vault