Target's In-Store Security Breach Has Compromised 40 Million Credit Cards

If you shopped in-store at Target between November 27 and December 15, then your account might be at risk.

Target confirmed today that it experienced a security breach between November 27 and December 15, and as many as 40 million credit and debit card accounts might have been compromised. In a twist though, the hack occurred in-store.

According to Krebs on Security, the breach involved theft of data stored on the magnetic stripes of bank cards. "The type of data stolen — also known as 'track data' — allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe," the site explains. "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs."

Although the news was made official today, it would appear as if some banks were made aware of the potential breach before that; one of our staffers received an automatic reissue of her debit card on December 13, the same day that Krebs on Security leaked the story (and the same day that this writer's own account was frozen because of fraudulent charges made at a cell phone store in Brazil). Regardless, shoppers who made purchases at a brick-and-mortar Target store between Thanksgiving and December 15 might want to consider requesting a new debit or credit card. For more information, check out our guide on what to do if you're the victim of credit card fraud.

Target is obviously taking the breach seriously. The retailer stated that it has resolved the issue, but it will work with law enforcement to "bring those responsible to justice," as well as a third-party forensics firm to conduct a "thorough investigation of the incident."

Considering this hack occurred during a timeframe that includes both Black Friday and the holiday season, it's no surprise that so many accounts were potentially exposed. When coupled with the store's lackluster ad this year, we'd say that Target deserves a retroactive spot on our Black Friday jeers list. (And we'll just continue to stand by our belief that shopping in-store on Black Friday is a fail.)

Readers, have any of you had an account seemingly hacked as a result of this breach? Will you request a new card regardless? Share your story in the comments below.

Lindsay Sakraida
Contributing Writer

Lindsay Sakraida specializes in writing about retail trends and lifestyle subjects. She's also obsessed with music, movies, and tennis. Follow her on Twitter at @LinSakraida.
DealNews may be compensated by companies mentioned in this article. Please note that, although prices sometimes fluctuate or expire unexpectedly, all products and deals mentioned in this feature were available at the lowest total price we could find at the time of publication (unless otherwise specified).


Leave a comment!

or Register
Why the **** stores save this information? Do the transaction and be done with it. There should be law against this. Nobody should be allowed to save information without my consent. Many websites ask before saving while most stores save without asking.
@TheOracle but I want credit cards. Debit cards could be pretty risky using it in the open for the exact reason this article pointed out, where someone can skim your debit and use it to withdraw money. From my knowledge debit cards are much harder to fight fraud, but I do think that might change in the future with cards like AMEX Serve.

I personally never use a debit card anywhere that is not located in a well lit ATM in my bank branches. You never know when someone rigged an ATM machine.
The Oracle (DealNews)
@wlau89 - there are "disposable credit cards" already. Reloadable debit cards, like Green Dot.
Well I guess thats the reason I also request a new credit card every year.
Those scums! Its not safe to shop any where anymore. We should create disposable credit cards.