Target Hackers Took Personal Info Too

By Kevin Parrish
published

Oh my. Last month Target confirmed that hackers managed to access its computers and stole the credit and debit information of around 40 million customers who shopped at Target between November 27 and December 15. The thieves reportedly had access to customer names, credit card numbers, expiration dates and encrypted PIN numbers.

Now the company is reporting (opens in new tab) that certain "guest" information was also taken during the data breach including mailing addresses, phone numbers and email addresses for up to 70 million individuals. The company's report states that much of this data is partial in nature, and that Target will contact affected customers if it comes across an email address.

"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," said Gregg Steinhafel, chairman, president and chief executive officer, Target. "I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team."

Target's report states that guests will have zero liability for the cost of any fraudulent charges arising from the breach. The company is also offering one year of free credit monitoring and identity theft protection to customers who've shopped in the U.S. stores. Guests will have three months to enroll in the program, the report states.

Currently, Target has established a dedicated website that provides information about the data breach such as an FAQ, a message from the CEO, credit monitoring, identity theft protection and more. The site even provides a copy of emails Target has sent out to guests likely so that Target shoppers aren't dismissing them as spam.

"We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future," reads one bulletin. "Additionally, Target alerted authorities and financial institutions immediately after we discovered and confirmed the unauthorized access, and we are putting our full resources behind these efforts."

For more information about the breach, head here (opens in new tab).

13 Comments Comment from the forums
  • chicofehr
    This has to be the worst hack ever when it comes to the amount of people & $$$ effected. I suspect Targets profits won't very good after they have to pay for all the damage & lawsuits & not to mention their tarnished reputation.
    Reply
  • hotroderx
    I hope I am wrong and I understand things happen but I am not sure Target is going to survive this. The fact that new information keeps coming out that continues to paint this in a darker light is not helping targets rep at all. The fact so much information was stolen over such a large time frame also makes things worse. I think the hit there reputation alone is going to destroy them sadly.
    Reply
  • Rhinofart
    I really don't get the Lawsuit thing. People broke into Target's systems and stole stuff from them. Any company with an Internet presence can and will get hacked at some point. It's not IF, it's WHEN. Nothing like kicking someone in the balls while they are down as long as it makes you a buck or 2 eh?
    Reply
  • soldier44
    I wonder if they know how many guns and ammo I have in the house too, that way if they come around they can get riddled with lead... Hack that.
    Reply
  • derekullo
    Target released a video saying how sorry they were:

    http://www.youtube.com/watch?v=TvkKoDiC4zc
    Reply
  • JamesSneed
    I know its the thieves fault but I also know something about protecting credit card data and the standards imposed. Some of the fault lies squarely on Target. I hope more companies learn from this, encrypt your data from the point it comes in your system i.e. right there on the damn credit card scanner and store it encrypted if you store it at all and possibly even decrypt/encrypt the data right before storing so your using a different key for stored data. Anyhow I had my card stolen as part of this which wasn't a big deal other than being without a card for a few days.
    Reply
  • mstngs351
    My girlfriend works in the electronics department at our local Target. Unfortunately for her simple minded fools keep coming in and flipping her crap like it's her fault. Yelling, cursing or just being rude whenever they use their credit card. That combined with starting a new semester of college has definitely stressed her out. Slapping stupid/rude people should be legal...
    Reply
  • techguy911
    PCI has rules about credit/debit card information storage it MUST be encrypted once leaving the terminal that said they broke the rules and are subject to fines per card could go as high as 6+ billion.
    Reply
  • ddpruitt
    What's really interesting is that Target specifically mentions their own card when offering fraud protection and identity theft. Does that mean screw you if you don't have one of their cards?
    Reply
  • 10tacle
    This won't be the end of Target/Supertarget. They have great merchandise and some excellent sales. They are a step above Wal Mart/Super Wal Mart. Their stores are cleaner (notice the shiny floors in Target vs. dull and dirty floors at Wally World) and more organized and tidy (Wally World shelves and merchandise presentation look like a rummage sale). With that said, I will not be shopping there again until full confidence is restored in their security. I missed this hack by just three days (IF the starting date of 11/27 is accurate even).
    Reply