US Retailer Target Investigating Massive Credit Card Breach

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

As many as 40 million credit cards potentially compromised as Target brings in law enforcement

Target, one of the biggest retailers in the US, has confirmed it is looking into a breach that may have compromised as many as 40 million of customer credit and debit card records.

The company said guests who made credit and debit card purchases in its US stores between 27 November and 15 December could be affected.

Target has spoken with the financial institutions affected, as well as law enforcement. It said it was “putting all appropriate resources behind these efforts”.

TargetTarget becomes the target

It is also partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident.

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” said Gregg Steinhafel, chairman, president and chief executive officer, Target.

“We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”

According to security blogger Brian Krebs, the data was taken from the magnetic stripe of cards. Such information is used to create new cards and steal money from victims.

“We can’t say for sure that all stores were impacted, but we do see customers all over the US that were victimised,” one source told Krebs.

The Target breach is set to be one of the biggest in retailing history, ranking alongside the breach of TJX Companies in 2009, in which 45.6 million credit cards were exposed.

What do you know about Internet security? Find out with our quiz!