Target Corp says data breach larger than initially believed, state prosecutors get probe underway

By Nicel Jane Avellana

Jan 11, 2014 01:05 AM EST

Target Corp said the data breach that it suffered in the holidays was worse than originally believed as state prosecutors said they would be undertaking a nationwide investigation into the second largest retail cyber attack recorded so far, Reuters reported.

According to Target, an investigation into the matter showed that those who orchestrated the attack got the personal information of no less than 70 million customers and obtained their names, mailing addresses, telephone numbers and email addresses. The US retailer had previously said only 40 million credit and debit cards were compromised.

Target spokeswoman Molly Snyder said the two figures probably contained some overlap but the extent is still unclear. She added that during the period when the attack occurred, some victims did not do their shopping at Target stores, and that their personal information was taken from a database. The breach happened from November 27 to December 15, the report said.

In a statement, Target Chief Executive Gregg Steinhafel said "I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this."

Meanwhile, New York, Connecticut, Massachusetts and Minnesota attorneys general said they were joining a nationwide investigation into the cyber breach. A source knowledgeable about the joint probe told Reuters that over 30 states were involved.

Martha Coakley, Attorney General for Massachusetts, said "A breach of this magnitude is extremely disconcerting and we are participating in a multi-state investigation to discover the circumstances that led to this breach."

According to security experts, stolen payment card information may be utilized to produce false magnetic strip credit cards. The personal data may also be sold on underground platforms so they could be utilized in "phishing" campaigns geared towards convincing victims to give bank account numbers and other sensitive information, the report said.

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics