Did you shop at Target during Black Friday 2013? If so, you may be at risk of credit and debit card fraud and identity theft. Target has just announced that hackers stole the private financial data for an estimated 40 million customers who shopped at US Target retail stores between November 27 and December 15.
The compromised data included names, credit and debit card numbers, expiration dates and CVV security codes for customers who shopped at Target during this time period, which includes Black Friday weekend. There is currently no indication debit cards PINs were among the stolen data.
Additionally, customers who shopped at Target.com or Target retail stores in Canada were not affected by the hacking. Target has also stated that the security error which lead to the hacking has been identified and resolved.
40 Million Customers’ Debit and Credit Card Info Stolen from Target
The announcement from Target came early Thursday after security expert Brian Krebs reported the massive data breach.
In a press release, the company confirmed that unauthorized third-parties accessed payment data for Target customers between November 27 and December 15.
Target stated they are working closely with law enforcement and financial institutions to investigate the case.
From Target’s press release:
“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” said Gregg Steinhafel, chairman, president and chief executive officer, Target. “We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”
According to Krebs, the incident was first believed to include private data from credit and debit card transactions placed between November 27 and December 6, but investigators revised their findings to expand the window to December 15. As many as 40 million accounts may be compromised.
The stolen information, including names, card numbers, expiration dates and CVVs, is known as “track data” and can be used by criminals to create counterfeit credit cards. The track data can be embedded on any card with a magnetic stripe (more info).
If the thieves had obtained customer PINs, they could theoretically fabricate fake debit cards and withdraw cash from the victim’s accounts.
What To Do If You’re a Target Shopper
If you used your debit or credit card to shop at a brick-and-mortar Target store in the US between
November 27 and December 15, you may be at risk for fraud or identity theft. At this time, Target is still investigating the breach and it is unclear who is responsible for accessing the track data.
We advise Target shoppers who may be affected to take the following security precautions:
1. Check your credit and debit card accounts immediately for unauthorized charges. Report any unfamiliar credit card or debit card activity to your financial institution (or Target directly, if you’re a Target Red Card holder).
Report the suspicious transaction immediately – the sooner fraudulent activity is reported, the easier it is to reverse. (Click here to watch our video, How to Dispute Unauthorized Credit Card Charges)
2. Continue monitoring your accounts and credit card statements, and, if applicable, enable SMS or email alerts. We recommend daily monitoring of all credit or debit card accounts online. If the your financial institution website includes an option to receive SMS text message or email alerts about pending transactions, make sure this option is enabled.
If you don’t have this option through your bank or credit card issuer’s website, you can register a free account on Mint.com or download the Mint.com smartphone app to receive additional account activity alerts.
3. Request a free consumer credit report by visiting www.AnnualCreditReport.com or call 1-877-322-8228. You are eligible to receive 1 free Equifax, Experian and TransUnion credit report every 12 months by request. Request your credit report and review it for any unauthorized or potentially fraudulent activity. If you see anything suspicious, contact the credit bureaus right away to place a Fraud Alert on your credit report.
You can also submit a complaint on Scambook.