23 October 2017
Find out more

Target says 40 million cards may have been compromised in data breach

19 December 2013  |  10316 views  |  2 credit card

The US Secret Service is investigating a massive data card breach at Target retail stores across the United States.

Target has confirmed that approximately 40 million credit and debit card accounts may have been impacted over a two-week period beginning on Black Friday, the busiest shopping day of the year.

Gregg Steinhafel, Target chairman, president and chief executive officer, says: "We take this matter very seriously and are working with law enforcement to bring those responsible to justice."

The breach was first reported by security blogger Brian Krebs, who cites sources at two of the top ten credit card issuers in the US.

The breach may extend to "nearly all Target locations nationwide", and involves the theft of data stored on the magnetic stripe of cards used at the stores.

Using the stolen track data, crooks can create counterfeit cards by encoding the information onto any card with a magnetic stripe. "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs," writes Krebs.

The crooks behind the scam have already started selling the haul on underground forums, with the price for the freshest card account data running at about $44 apiece.
KeywordsEFTPOS

Comments: (2)

David Abbott
David Abbott - Nourpay - Riyadh | 20 December, 2013, 11:24

If the USA had EMV live now,  incidents of this nature and scale would not be happening. 

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Pat Carroll
Pat Carroll - ValidSoft - London | 20 December, 2013, 15:02

Once again we are sadly reminded of the vulnerability of businesses to data breaches, and we are left with 40 million customers fearing that their credit cards will be hijacked by fraudsters just in time for Christmas.

There has been a consistent rise in cyber-crime in the past few years, and traditional security solutions have proven to be inadequate to prevent this. So much so that it has become inevitable that, on occasion, card details will be stolen from businesses.

Whilst it is a difficult task indeed to prevent the theft of customer data, and we can expect to see instances such as these increase in 2014, the solution lies in real-time detection and prevention of the mis-use of such data to perpetrate fraud. The solutions exist to achieve this through low/no friction, real-time, context aware, multi-layered authentication models, which for the most part are totally invisible and intuitive.

This latest crime underlines once more the need for efficient, real-time, context-aware authentication and verification systems, but the security industry can only do so much. It remains the responsibility of financial institutions to implement these up-to-date systems and to protect their customers from future Christmases overshadowed by the fear of identity theft and payment card fraud

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Connecticut resorts to cheques for tax refunds after JPMorgan Chase data breach

Connecticut resorts to cheques for tax refunds after JPMorgan Chase data breach

17 December 2013  |  4587 views  |  0 comments | 3 tweets | 2 linkedin
Connecticut hits Citi with fine over card data breach

Connecticut hits Citi with fine over card data breach

02 September 2013  |  11255 views  |  0 comments | 8 tweets | 4 linkedin
Corporate data breaches increasingly correlated with consumer fraud reports

Corporate data breaches increasingly correlated with consumer fraud reports

07 June 2013  |  5411 views  |  0 comments | 5 tweets | 1 linkedin
Full extent of FIS data breach comes to light

Full extent of FIS data breach comes to light

04 June 2013  |  14623 views  |  0 comments | 10 tweets | 9 linkedin
US supermarket data breach exposes 2.4m cards

US supermarket data breach exposes 2.4m cards

16 April 2013  |  10304 views  |  3 comments | 13 tweets | 5 linkedin
Global Payments hit by 'massive' breach

Global Payments hit by 'massive' breach

30 March 2012  |  12217 views  |  0 comments
Card fraud reports follow supermarket check-out breach

Card fraud reports follow supermarket check-out breach

07 December 2011  |  8093 views  |  2 comments
Register nowvisit www.innotribe.com

Top topics

Most viewed Most shared
Mastercard to roll out blockchain APIMastercard to roll out blockchain API
19356 views comments | 28 tweets | 42 linkedin
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
15166 views comments | 23 tweets | 32 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
10975 views comments | 12 tweets | 23 linkedin
Eight banks form joint venture to launch blockchain trade platformEight banks form joint venture to launch b...
9017 views comments | 14 tweets | 28 linkedin

Featured job

Competitive
New York, NY - USA (some flexibility on location)

Find your next job