Target Data Breach

Zoom-boing

Platinum Member
Oct 30, 2008
25,764
7,808
350
East Japip
Target says that about 40 million credit and debit card accounts may have been affected by a data breach that occurred just as the holiday shopping season shifted into high gear.

The chain said that accounts of customers who made purchases by swiping their cards at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have been exposed. The stolen data includes customer names, credit and debit card numbers, card expiration dates and the three-digit security codes located on the backs of cards. The data breach did not affect online purchases.

The Minneapolis company said it immediately told authorities and financial institutions once it became aware of the breach and that it is teaming with a third-party forensics firm to investigate the matter and prevent future breaches. It said it is putting all "appropriate resources" toward the issue.

Target Corp. advised customers to check their statements carefully. Those who suspect there has been unauthorized activity on their cards should report it to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.

Target didn't say exactly how the data breach occurred, but said it had since fixed the problem and that credit card holders can continue shopping at its stores. When asked whether there's a certain time when shoppers know their accounts will no longer be vulnerable, a Target spokeswoman said," We encourage everyone to be vigilant."

Target says 40 million credit, debit card accounts may be affected by data breach | Fox News
 
What does this breach mean for consumers, in particular those who shopped at Target stores in the period between Nov. 27 and Dec. 15?

First thing to do is check your credit card statements for unfamiliar purchases, as well as your bank account — daily — online to ensure there are no fraudulent transactions, says Linda Sherry, director at consumer rights advocacy group Consumer Action. Report any problems immediately to your bank. Your bank should contact you if your credit card was part of the breach. If you were affected, you’ll get a new credit card account number (obviously an inconvenience, especially during the holidays). You won’t be held liable for unauthorized charges made using your credit card number.

American Express (AXP) and Discover (DFS) said they were aware of the breach at Target and had fraud measures in place, according to a CNNMoney article.

If you receive a data breach notification letter from Target, “you know with certainty your information was compromised,” says Eva Velasquez, president and CEO of the Identity Theft Resource Center. (Consumers who know their card data was stolen can contact the ITRC at 888-400-5530 for help on what steps to take next.)

Sherry suggests impacted consumers ask their bank to waive the expedited delivery fee for a new card. Also ask if any credit monitoring services are being offered to victims of the breach.

What to do if you shopped at Target during its data breach - Yahoo Finance
 
Most honest folks would believe the whole thing. Those that shopped at Target would cancel their credit/debit cards and order new ones.
But see, what most poeple don't realize is that crooks, especially thieves, are lazy. Far too lazy to put out the type of energy it would take to actually steal the data from 40 million credit cards from the Target stores in every state in the country. That would take an awful lot of energy. But that is just what the perpetrators of this hoax wan people to think they did. But of course that's probably just what this was intended to do. Make a whole bunch of people think their credit cards are in jeopardy.
What's the next best thing to stealing the data from 40 million credit cards? The answer is: Making someone think the data from 40 million credit cards was stolen.
Now let's say, just for argument's sake, that some young guy who doesn't have a job but is somewhat of a computer genius is sitting around doing nothing but day trading in one stock exchange or another. So he buys stock in a company that makes credit cards. Now he wants to make a pile of money and the only way to do that is to create a huge and instant market for the products that are made the company in which he just bought stock. That's credit cards.
So he does a little computer hacking and makes the CEO/COO/FPO's or whatever at Target headquarters think the data from millions of credit cards that were used at their stores was hacked. So, wanting to be a good corporate citizen, those CEO/COO/FPO's at Target let it be made public so that their customers can protect their private data. And that's exactly what happens. They put the scare into tens of millions of credit/debit card holders so that they will cancel their current cards and order new ones. The company that makes the cards just gets a whole lot of new business, and their stock price increases dramatically, and those that own that stock make a fistful of money.
Just like stealing candy from a baby...
 
Most honest folks would believe the whole thing. Those that shopped at Target would cancel their credit/debit cards and order new ones.
But see, what most poeple don't realize is that crooks, especially thieves, are lazy. Far too lazy to put out the type of energy it would take to actually steal the data from 40 million credit cards from the Target stores in every state in the country. That would take an awful lot of energy. But that is just what the perpetrators of this hoax wan people to think they did. But of course that's probably just what this was intended to do. Make a whole bunch of people think their credit cards are in jeopardy.
What's the next best thing to stealing the data from 40 million credit cards? The answer is: Making someone think the data from 40 million credit cards was stolen.
Now let's say, just for argument's sake, that some young guy who doesn't have a job but is somewhat of a computer genius is sitting around doing nothing but day trading in one stock exchange or another. So he buys stock in a company that makes credit cards. Now he wants to make a pile of money and the only way to do that is to create a huge and instant market for the products that are made the company in which he just bought stock. That's credit cards.
So he does a little computer hacking and makes the CEO/COO/FPO's or whatever at Target headquarters think the data from millions of credit cards that were used at their stores was hacked. So, wanting to be a good corporate citizen, those CEO/COO/FPO's at Target let it be made public so that their customers can protect their private data. And that's exactly what happens. They put the scare into tens of millions of credit/debit card holders so that they will cancel their current cards and order new ones. The company that makes the cards just gets a whole lot of new business, and their stock price increases dramatically, and those that own that stock make a fistful of money.
Just like stealing candy from a baby...

Well, that's perfectly brilliant isn't it? How to know if the breach was real or not? Hmmm.
 
Countering the Target security breach...

Target Breach: Scammers Target Consumers in Aftermath of Credit Card Hack
December 24, 2013 — Since the massive Target payment processing breach, Americans have been told to keep a vigilant eye on their credit and debit card accounts, as well as their credit report. But a recent Google Consumer Survey conducted by TransUnion revealed that one-third (32.7%) of Americans surveyed said they have never checked their credit report or credit score.
Another quarter (24.6%) of those surveyed said they had not checked their credit report or credit score within the past year. A review of your credit report with any one of the major credit agencies -- Equifax, Experian, or TransUnion -- can allow you to:

* Place a fraud warning on your account to encourage creditors to remain vigilant for signs of credit deception when reviewing your file.
* Stay on top of your credit score and see what lenders know about you.
* Identify and correct errors and misinformation.
* Track your credit history.
* Receive email alerts from all three credit reporting companies that can help warn you of possible identity theft.
* Find out what rates you can expect to be offered by lenders.
* Watch your progress over time with trending reports.

Some credit agencies also offer identity theft insurance to help you through a potential financial crisis if your credit card data has been hacked.

Target warns consumers of scams

Target now confirms that the security breach was caused by malware that impacted their point-of-sale system. "We can confirm that we are actively partnering with the United States Secret Service and the Department of Justice on the ongoing investigation into the malware that affected Target's point-of-sale system in our U.S. stores," a statement posted on the Target website said. "Due to the nature of the investigation, the Secret Service has asked not to share many of the details of the forensics and investigation."

MORE

See also:

Exclusive: Target hackers stole encrypted bank PINs - source
25 Dec.`13 - The hackers who attacked Target Corp and compromised up to 40 million credit cards and debit cards also managed to steal encrypted personal identification numbers (PINs), according to a senior payments executive familiar with the situation.
One major U.S. bank fears that the thieves would be able to crack the encryption code and make fraudulent withdrawals from consumer bank accounts, said the executive, who spoke on the condition of anonymity because the data breach is still under investigation. Target spokeswoman Molly Snyder said "no unencrypted PIN data was accessed" and there was no evidence that PIN data has been "compromised." She confirmed that some "encrypted data" was stolen, but declined to say if that included encrypted PINs. "We continue to have no reason to believe that PIN data, whether encrypted or unencrypted, was compromised. And we have not been made aware of any such issue in communications with financial institutions to date," Snyder said by email. "We are very early in an ongoing forensic and criminal investigation."

The No. 3 U.S. retailer said last week that hackers stole data from as many as 40 million cards used at Target stores during the first three weeks of the holiday shopping season, making it the second-largest data breach in U.S. retail history. Target has not said how its systems were compromised, though it described the operation as "sophisticated." The U.S. Secret Service and the Justice Department are investigating. Officials with both agencies have declined comment on the investigations. The attack could end up costing hundreds of millions of dollars, but it is unclear so far who will bear the expense.

While bank customers are typically not liable for losses because of fraudulent activity on their credit and debit cards, JPMorgan Chase & Co and Santander Bank said they have lowered limits on how much cash customers can take out of teller machines and spend at stores. The unprecedented move has led to complaints from consumer advocates about the inconvenience it caused from the late November Thanksgiving holiday into the run-up to Christmas. But sorting out account activity after a fraudulent withdrawal could take a lot more time and be worse for customers.

JPMorgan has said it was able to reduce inconvenience by giving customers new debit cards printed quickly at many of its branches, and by keeping branches open for extended hours. A Santander spokeswoman was not available for comment on Tuesday. Security experts said it is highly unusual for banks to reduce caps on withdrawals, and the move likely reflects worries that PINs have fallen into criminal hands, even if they are encrypted. "That's a really extreme measure to take," said Avivah Litan, a Gartner analyst who specializes in cyber security and fraud detection. "They definitely found something in the data that showed there was something happening with cash withdrawals."

BREAKING THE CODE
 
Last edited:
They cancelled my credit card on the day before Christmas. Have to go get a new one tomorrow
 
A friend got a call from Discover ... $3K worth of merchandise showed up charged to their card, from China!
 

Forum List

Back
Top