No one likes to hear about data breaches that endanger consumer credit card info at any time. But hearing about one during the Christmas shopping season is enough to put a chill in your bones during already colder than normal pre-holiday season. According to a report from security columnist Brian Krebs, US retailer, Target is investigating a massive data breach that begin on Black Friday, the biggest shopping day in the US that may have extended as deep into the shopping season as far as December 15.
The breach is being reported as occurring in Target retail stores and not online. It could potentially involve millions of consumer credit cards from all Target retail locations. Krebs’ sources are saying that the theft involves grabbing the data stored on the magnetic strip of cards. Target has not commented or confirmed Krebs’ report.
The data stolen is called “track data” and it allow thieves to create counterfeit credit cards by transferring the stolen data on to any card with a magnetic stripe. If the thieves were also able to capture debit card PIN data, they could create fake cards and use ATMs to remove cash from accounts.
Consumers who shopped at Target stores should be on the lookout for suspicious activity on cards that they used at the retailer during that time. I was a victim, along with quite a few folks I know and worked with, of a similar kind of breach last year at a very popular establishment in Virginia that has some outlets across from the US. Fortunately, security departments at banks were on the lookout and caught most illegal transactions using the fake cards. My wife was actually called by our bank while standing in line buying groceries with her debit card when a simultaneous purchase using a fake card with her information was going on in Texas. Consumers are usually protected during these situations but the canceling of accounts and reissuing of cards can be a real inconvenience especially at a time when many are traveling. In the case I mentioned, lawsuits between banks, that business and insurance companies are still going on as to who was ultimately at fault.
Companies and banks do not like to talk about these issues publicly, but if the extent of the breach that Krebs is reporting proves accurate this sounds like it will be one of the largest consumer credit card data breaches in history.