Target Confirms Massive Criminal Access to Credit and Debit Card Data

At the New York Times, "Target Says Data for 40 Million Shoppers Was Stolen":

SAN FRANCISCO — Target confirmed Thursday morning that it was investigating a security breach involving stolen credit card and debit card information for 40 million of its retail customers.

In a statement, Target said that criminals gained access to its customer information on Nov. 27 — the day before Thanksgiving and just ahead of one of the busiest shopping days of the year — and maintained access through Dec. 15.

“As of Dec. 15, we identified an unauthorized access and were able to resolve the issue,” Molly Snyder, a Target spokeswoman, said in an email.

A security blogger, Brian Krebs, first reported the breach on Wednesday.

Target said that criminals had stolen customer names, credit or debit card numbers, expiration dates and three-digit security codes for 40 million customers who had shopped at its stores. The company noted that online customers were not affected by the breach, which appeared to have been isolated to the point-of-sale systems in Target’s retail stores.

Immediately after discovering the breach, Target said, it alerted federal authorities and financial institutions, and is currently working with a third-party forensics firm on an investigation.

Hey, you're safer shopping online, especially through my Amazon links!