Target: 40M Customers' Account Data Stolen - FindLaw Blotter
FindLaw Blotter - The FindLaw Crime and Criminals Blog

Target: 40M Customers' Account Data Stolen

Target says that about 40 million credit and debit card accounts may have been affected by a data breach that occurred in the heart of the holiday shopping season. It is the second largest data breach in U.S. retail history.

If you shopped at Target during the period of Thanksgiving to this week, and you used a credit or debit card to make your purchases, your account may be affected.

Target Data Breach

The breach took place from Nov. 27 to Dec. 15, at the peak of the holiday shopping season. Target warned customers in an alert on its website that the data thieves had stolen names, payment card numbers, expiration dates and security codes of about 40 million customers.

The data breach did not affect online purchases but extended to nearly all of Target's stores in the United States, according to Krebs on Security, a closely followed security industry blog that broke the news on Wednesday. Considering Target has 1,797 stores in the U.S., the sheer magnitude of the data breach speaks to the level of its sophistication.

Hacking is one of many ways that personal information, potentially used to steal one's identity or illegally access financial accounts, can be compromised. In this case, the hackers reportedly compromised software installed on point-of-sales terminals that customers use to swipe magnetic strips on cards when paying for items at Target stores, reports Reuters.

Damage Control

If apprehended, the hackers will face a slew of charges under both state and federal law for their unauthorized access of Target's system and large-scale identity theft. But for victims, apprehending the criminals may be the least of their present worries.

Right now, the top priority is to protect affected customers' funds. Target notified banks and customers of the breach, and many financial institutions are now taking actions to protect customers' accounts, reports Reuters.

JPMorgan Chase & Co, one of the biggest U.S. credit card issuers, is reportedly monitoring the accounts involved for suspicious activity. It's unclear what steps MasterCard and Visa are taking, but American Express put fraud controls in place.

Customers who notice any suspicious account activity should immediately contact their banks. According to Target, the data breach itself has been identified and resolved.

Related Resources: