|40-Million Customer Credit Card Details At Risk of Theft From U.S. Retailer, Target|
If you buy or bought from Target, that theft is a concern. Keep a close eye on your CC transactions.
|Payment details from up to 40 million credit cards could have been stolen after they were used in the stores of US retail giant Target. |
The retailer said it was investigating after discovering that thieves had gained access to its payment systems.
The data breach began around 29 November, known as Black Friday, one of the busiest shopping days of the year.
The attackers are believed to have been scooping up credit card details for almost three weeks.
"We take this matter very seriously and are working with law enforcement to bring those responsible to justice," said Target boss Gregg Steinhafel in a statement. 40-Million Customer Credit Card Details At Risk of Theft From U.S. Retailer, Target [bbc.co.uk]
Though it's implicit in the article, it's not explicit in either the article or the summaries that this involved in-store transactions only. It didn't affect web transactions, though I'm not sure there's great long term reassurance in that.
A decent thing to say, of course... but it's a major understatement as well. Cumulatively this kind of inconvenience, at various levels, is beginning to make life a lot more complicated.
|"We regret any inconvenience this may cause," said Mr Steinhafel. |
For some of the particulars about the developing fallout in the Target story, here's a report on the Krebson Security blog, which originally broke the story about the security breach...
Cards Stolen in Target Breach Flood Underground Markets
Dec 20, 2013
|Credit and debit card accounts stolen in a recent data breach at retail giant Target have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card, KrebsOnSecurity has learned. |
Turns out that it was 70 million [bbc.co.uk...]
My son's debit card was one of 'em. No fraud detected but the bank sent a new one anyway.
I don't know what was more surprising, Target getting hacked, or them having 70 million customers. ;)
Thought I'd kick this up with the latest from KrebsOnSecurity, who has continued to follow the story....
Email Attack on Vendor Set Up Breach at Target
Feb 12, 2014
|The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. |
Both the article and the comments after are fascinating. Lest you laugh your head off at the end of the fifth paragraph and think that explains it all, the front line email defense mentioned is only part of the story.