Massive Target data breach affects in-store shoppers who used credit cards
|Target's downtown Minneapolis headquarters.|
Target has confirmed a massive data breach jeopardizing the credit card information of about 40 million shoppers who made in-store purchases between Black Friday and December 15.
"We have determined that the information involved in this incident included customer name, credit or debit card number, and the card's expiration date and CVV (the three-digit security code)," a statement published this morning on Target's website says.
SEE ALSO: Target apologizes for labeling plus-size dress as "Manatee Gray"
If you used a credit card to shop at a Target store during the timeframe in question, "You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports," the statement continues.
Although specific details about how the fraud went down aren't clear at this point, the Wall Street Journal, citing "people familiar with the matter," reports, "The theft was national in scope and happened in stores, not online, and may have involved tampering with the machines customers use to swipe their cards when making purchases."
"This was obviously a very sophisticated crime," Target spokeswoman Molly Snyder told the Journal.
The Secret Service has confirmed it's investigating. Target officials, meanwhile, say the breach "has been resolved" and are assuring last-minute Christmas shoppers they can use their cards at Target "with confidence."
In a statement, Target CEO Gregg Steinhafel said, "Target's first priority is preserving the trust of our guests, and we have moved swiftly to address this issue so guests can shop with confidence."
"We take this matter very seriously and are working with law enforcement to bring those responsible to justice," Steinhafel continued.
The blog that first broke news of the data breach -- Krebs on Security -- reported that the breach involved nearly all of Target's 1,797 stores in the United States, citing sources at two credit card issuers.
"When all is said and done, this one will put its mark up there with some of the largest retail breaches to date," an unnamed source told Krebs.
-- Follow Aaron Rupar on Twitter at @atrupar. Got a tip? Drop him a line at email@example.com.