Target stores reportedly hacked w/in the past month
#1
DVD Talk God
Thread Starter
Target stores reportedly hacked w/in the past month
If you've shopped there in the past month, you will probably getting a new credit card soon.
http://www.theverge.com/2013/12/18/5...-cards-at-risk
http://www.theverge.com/2013/12/18/5...-cards-at-risk
Retailers are an appealing target for hackers during the holidays, and Target may be learning that lesson the hard way. According to Krebs on Security, the US retail giant is investigating a major breach that could potentially involve "millions" of customer credit and debit card records. The sophisticated hack reportedly took place over several weeks starting on Black Friday and possibly extending all the way through December 15th and is said to involve "nearly all" Target stores in the United States.
Krebs says the breach "involves the theft of data stored on the magnetic stripe of cards used at the stores." Online orders are said to be unaffected. Still, it sounds like a worst case scenario for Target and its shoppers, with Krebs writing:
The type of data stolen also known as "track data" allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe. If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs.
Target has reportedly thus far offered no comment on the rumored breach. An anti-fraud analyst at a "top-ten US bank card issuer" made the situation sound dire, telling Krebs, "We cant say for sure that all stores were impacted, but we do see customers all over the U.S. that were victimized." We have reached out to the company for comment.
Krebs says the breach "involves the theft of data stored on the magnetic stripe of cards used at the stores." Online orders are said to be unaffected. Still, it sounds like a worst case scenario for Target and its shoppers, with Krebs writing:
The type of data stolen also known as "track data" allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe. If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs.
Target has reportedly thus far offered no comment on the rumored breach. An anti-fraud analyst at a "top-ten US bank card issuer" made the situation sound dire, telling Krebs, "We cant say for sure that all stores were impacted, but we do see customers all over the U.S. that were victimized." We have reached out to the company for comment.
#4
Re: Target stores reportedly hacked w/in the past month
Fucking great. And I have a debit card with them, which makes it even worse. So if I just changed my PIN #, would that work for now?
#6
DVD Talk Hero
Re: Target stores reportedly hacked w/in the past month
Glad I never get one of those fucking Red Cards they push every time I'm in there.
#8
DVD Talk Legend
I used my bank card as a credit card there the day before Thanksgiving and on the 15th. I'm going to assume I'm compromised. I already moved all but $100 out of my checking and into another account so they won't get much. I'll just manage it that way until I get a new card. Looks like it'll be cash only for now on.
#9
Re: Target stores reportedly hacked w/in the past month
They shut down their 800 number on the back of the Red Card and you can't log in online either. They are handing this situation perfectly!
#10
DVD Talk Legend
Re: Target stores reportedly hacked w/in the past month
Geez -- just got a new card too. Ugh.
#12
DVD Talk God
Thread Starter
Re: Target stores reportedly hacked w/in the past month
TL;DR version: We're fucked
In case they missed the news last night, Target customers around the country are waking up this morning and learning that they may be one of many millions of consumers whose credit and debit card information was compromised during the course of a nearly three-week-long security breach at the retailer. Big Red, you’ve got some explaining to do…
In a statement to potentially affected customers, Target confirms that the “unauthorized access to Target payment card data” at its retail locations (Target.com purchases were apparently not impacted by the attack) lasted from Nov. 27 to Dec. 15, effectively encompassing the heart of the store’s holiday shopping business and affecting around 40 million Target shoppers, according to the retailer.
“Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause,” said the company in a demonstration of corporate understatement.
The breach didn’t just get at basic things like customer names and addresses — nope, Target says the data thieves rode off into the virtual sunset with info that included customer name, credit or debit card number, and the card’s expiration date and CVV (that three-digit security code on the back of your card).
“We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future,” says Target, which is recommending that customers do the sensible thing and review their accounts for signs of fraud and identity theft.
“If you see something that appears fraudulent, REDcard holders should contact Target,” explains the company in an FAQ, “others should contact their bank.”
Target is swearing up and down that its payment systems are now safe and secure, but will customers believe them? Would you?
In a statement to potentially affected customers, Target confirms that the “unauthorized access to Target payment card data” at its retail locations (Target.com purchases were apparently not impacted by the attack) lasted from Nov. 27 to Dec. 15, effectively encompassing the heart of the store’s holiday shopping business and affecting around 40 million Target shoppers, according to the retailer.
“Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause,” said the company in a demonstration of corporate understatement.
The breach didn’t just get at basic things like customer names and addresses — nope, Target says the data thieves rode off into the virtual sunset with info that included customer name, credit or debit card number, and the card’s expiration date and CVV (that three-digit security code on the back of your card).
“We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future,” says Target, which is recommending that customers do the sensible thing and review their accounts for signs of fraud and identity theft.
“If you see something that appears fraudulent, REDcard holders should contact Target,” explains the company in an FAQ, “others should contact their bank.”
Target is swearing up and down that its payment systems are now safe and secure, but will customers believe them? Would you?
#13
Re: Target stores reportedly hacked w/in the past month
#14
Moderator
Re: Target stores reportedly hacked w/in the past month
Hopefully they're going to be slightly more proactive than issuing a statement and telling us to check our credit report.
#15
Re: Target stores reportedly hacked w/in the past month
I finally got through to a different phone # and canceled my Debit Red Card. Should have a new one in 10 business days. 40 million cards compromised though, talk about a clusterfuck.
#16
DVD Talk Legend & 2021 TOTY Winner
Re: Target stores reportedly hacked w/in the past month
Good thing I only use my RedCard at Target, and it's not a debit card. Not terribly concerned at the moment. Maybe I'll call them and have them issue a new one once this all dies down (if they don't issue me a new one automatically). In the meantime, should be pretty easy to spot any bogus transactions should they occur.
#18
DVD Talk Legend
Re: Target stores reportedly hacked w/in the past month
I have to stop in my bank later to get a new card. They can cut them on the spot so better than waiting 5-7 days for the new one. Lesson learned - I'll only use my Amex anywhere for now on and cash for stuff I don't want on the Amex.
#19
Re: Target stores reportedly hacked w/in the past month
Not sure what that has to do with anything, since it can be any card that was used there. In fact, I'm happy it's just my Red Card. Because that was easy enough to cancel and won't affect my regular credit card that I use everywhere else.
#20
Re: Target stores reportedly hacked w/in the past month
I used my Red Card (which is a debit card) on Nov. 26 (supposedly the day before the breach), but then I returned something on Nov. 29 using that card. I'm not sure exactly how to handle this one -- unless I get a new banking account. I could cancel the Red card, but that's not the problem. The problem is they may have my banking account info attached to the Red Card.
Also, alot of this stuff won't be abused until all the hype dies down and people are at ease.
Also, alot of this stuff won't be abused until all the hype dies down and people are at ease.
#21
Moderator
Re: Target stores reportedly hacked w/in the past month
Yeah, I bought a binder full of cloned cards and the guy advised me to wait at least 6 months to a year before using them.
#22
Re: Target stores reportedly hacked w/in the past month
I used my Red Card (which is a debit card) on Nov. 26 (supposedly the day before the breach), but then I returned something on Nov. 29 using that card. I'm not sure exactly how to handle this one -- unless I get a new banking account. I could cancel the Red card, but that's not the problem. The problem is they may have my banking account info attached to the Red Card.
Also, alot of this stuff won't be abused until all the hype dies down and people are at ease.
Also, alot of this stuff won't be abused until all the hype dies down and people are at ease.
I'm not sure how they are going to handle returns though since you have to swipe your card when you return something. That should be fun to try.
#23
Re: Target stores reportedly hacked w/in the past month
I don't think that's necessary true. If you report your card lost or stolen, they will issue you a new card with a new number. It's just your name, card #, and 3 digit security number that was stolen, not your bank acct info.
I'm not sure how they are going to handle returns though since you have to swipe your card when you return something. That should be fun to try.
I'm not sure how they are going to handle returns though since you have to swipe your card when you return something. That should be fun to try.
EDIT: You may be right. It seems they hacked at the POS entry, so they would only get the CC/Debit card info, not account information that may have been attached to it. The only place I used my card after the 26th was at the CSR desk. I'm still gonna cancel though.
What phone # did you use to re-order the card?
Sometimes you are really funny. But obviously not all the time.
Last edited by That'sAllFolks; 12-19-13 at 01:09 PM.
#25
DVD Talk Legend
Re: Target stores reportedly hacked w/in the past month
I don't think that's necessary true. If you report your card lost or stolen, they will issue you a new card with a new number. It's just your name, card #, and 3 digit security number that was stolen, not your bank acct info.
I'm not sure how they are going to handle returns though since you have to swipe your card when you return something. That should be fun to try.
I'm not sure how they are going to handle returns though since you have to swipe your card when you return something. That should be fun to try.