Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Tech Gear

Hackers 'Target' info of up to 40M credit, debit cards from store POS systems

See also

Target confirmed early on Thursday morning (via ZDNet) a massive data breach affecting some 40 million credit and debit card accounts. Fortunately for those who shop at Target.com, it doesn't involve them, but instead data stored on the magnetic stripe of cards used at the stores.

Normally when a data breach occurs, most instantly think of a website breach. Target said that:

Target today confirmed it is aware of unauthorized access to payment card data that may have impacted certain guests making credit and debit card purchases in its U.S. stores. Target is working closely with law enforcement and financial institutions, and has identified and resolved the issue. [...]

Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013. Target alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts. Among other actions, Target is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident.

"Resolved" doesn't mean the criminals have been caught and the data magically erased from the hands of any miscreants that may have purchased the info. Instead it means that Target has closed whatever breach existed.

However, while Target says the breach is closed, according to a person involved in the investigation, who spoke only on condition of anonymity to the New York Times, the thefts may be continuing. It is unclear which statement is correct in this matter.

Clearly, Target is saying that if you did not shop at the store between those dates, or if you shopped online ("mostly online-only shoppers" such as us will breathe a sigh of relief), you are save. To be clear, these hackers have everything, including the CVV security code from credit and debit cards.

The type of data stolen is known as “track data.” With it, criminals can create counterfeit cards by encoding the data onto a card with a magnetic stripe. It is unclear if PINs for debit cards were stolen, as well, but if they were, criminals could theoretically use them to withdraw cash from ATMs.

It is still unclear how the breach occurred. The theory, thus far, is that the hackers compromised the software controlling point-of-sale systems somehow, perhaps by using a targeted phishing attack or inserting malware with the help of an insider.

One has to wonder if pre-Christmas shopping at Target will take a serious nosedive, now that the news has been made public.

Aside from informing the public and making suggestions on credit monitoring and the like, Target has not offered any of those affected anything to alleviate the upcoming pain. Frequently, in the past, companies have offered free credit monitoring to those hacked through a company's systems.

Advertisement

Don't Miss

  • The Crew
    'The Crew' exclusive: New details on racing types, open-world, seamlessness and more
    Games Exclusive
  • Dirty hands
    Find out how to clean the gross gadgets you carry with you all the time
    Video
    Tech Buzz
  • Civ
    Need to catch up on 'Sid Meier's Civilization'? Here is everything you need to know
    Camera
    Games Feature
  • Contact lenses
    Google applies for patent for what could be the Google Glass successor
    Tech News
  • Upcoming
    These are 2014's biggest PS4, Xbox One and Wii U games
    Camera
    Games Feature
  • Microscope
    A brilliant doctor invents a microscope that can be created for less than 50 cents
    Video
    Headlines

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about Examiner.com and apply today!