Oh my. Last month Target confirmed that hackers managed to access its computers and stole the credit and debit information of around 40 million customers who shopped at Target between November 27 and December 15. The thieves reportedly had access to customer names, credit card numbers, expiration dates and encrypted PIN numbers.
Now the company is reporting (opens in new tab) that certain "guest" information was also taken during the data breach including mailing addresses, phone numbers and email addresses for up to 70 million individuals. The company's report states that much of this data is partial in nature, and that Target will contact affected customers if it comes across an email address.
"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," said Gregg Steinhafel, chairman, president and chief executive officer, Target. "I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team."
Target's report states that guests will have zero liability for the cost of any fraudulent charges arising from the breach. The company is also offering one year of free credit monitoring and identity theft protection to customers who've shopped in the U.S. stores. Guests will have three months to enroll in the program, the report states.
Currently, Target has established a dedicated website that provides information about the data breach such as an FAQ, a message from the CEO, credit monitoring, identity theft protection and more. The site even provides a copy of emails Target has sent out to guests likely so that Target shoppers aren't dismissing them as spam.
"We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future," reads one bulletin. "Additionally, Target alerted authorities and financial institutions immediately after we discovered and confirmed the unauthorized access, and we are putting our full resources behind these efforts."
For more information about the breach, head here (opens in new tab).