Target Security Breach: Stolen Information Could Include Names, Account Numbers and PIN Numbers

Updated: 12/19/2013 8:42 PM By: Leslie Dyste

File photo of shopping baskets stacked at a Target store.
File photo of shopping baskets stacked at a Target store.
Photo: Photo: AP/Charles Rex Arbogast

Many Americans are checking their bank accounts after a security breach was reported at Minneapolis-based Target Corporation.

Target Corporation officials say the data breach regarding credit card numbers has been “identified and resolved.”

The Minneapolis-based retailer says about 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15.

The stolen information comes from the magnetic stripe on the back of credit cards. Each card contains a simple line of code. The code contains the retailer, your account number, your name and the expiration date. In some cards, it could also contain the actual PIN number.

"That is no coincidence with the largest shopping time, not just Black Friday, but the week after Black Friday, it was well timed and well planned," said Mark Lanterman with Computer Forensic Services.

Lanterman says a thief can clone your information on their card. They shop, you get the bill. If the thief gets your PIN they could have direct access to your cash. He says there is a simple fix that would protect customers. "If the consumer were to call and cancel their card, this information would be unusable."

Customers all over the nation were victimized, but online customers apparently have not been affected by the breach. Target has 1,797 stores in the U.S. and 124 in Canada.

Early Thursday morning, Target released a statement from the CEO reading, in part, "Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence."

Target officials say authorities and financial institutions were alerted immediately after the breach was discovered, and the Secret Service is now investigating, according to spokesman Brian Leary.

Customers who suspect unauthorized activity should contact Target at: 866-852-8680.

Lanterman says if you have already seen a charge on your statement you don't recognize, it might be connected to this security breach, but it's probably not. He says hackers usually wait to use information and there may never be a way to know for sure it was connected to this incident.

Target is just the latest retailer to be hit with a data breach problem. TJX Cos., which runs stores such as T.J. Maxx and Marshall's, had a breach that began in July 2005 that exposed at least 45.7 million credit and debit cards to possible fraud. The breach wasn't detected until December 2006. In June 2009 TJX agreed to pay $9.75 million in a settlement with multiple states related to the massive data theft but stressed at the time that it firmly believed it did not violate any consumer protection or data security laws.

The Associated Press contributed to this report.