Attention, Target shoppers: That Black Friday bargain you scored might have some serious strings attached. Target today confirmed that some 40 million credit and debit card accounts may have been affected by a data breach, after Krebs on Security and the Wall Street Journal yesterday reported the chain was investigating a major such breach at its physical stores; online shoppers appear to be safe. Target says those who made purchases at its US stores with their cards between Nov. 27 and Dec. 15 may have been hit, reports the AP.
Yesterday's reports suggest that hackers gained access to the data stored on the cards' magnetic stripes. Worst case, the hackers could "create counterfeit cards by encoding the information onto any card with a magnetic stripe," says the Krebs report. "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs." The Secret Service has confirmed that it is investigating, and Target says it has employed a third-party forensics firm to dig in and is throwing all "appropriate resources" at the issue. Customers who suspect fraudulent activity has taken place using their card should call 866-852-8680. (More Target stories.)