AfterDawn: Tech news

Target hit by massive data breach, millions of credit card details involved

Written by Andre Yoskowitz @ 18 Dec 2013 9:57 User comments (5)

Target hit by massive data breach, millions of credit card details involved The U.S. Secret Service has confirmed that it is investigating a massive data breach at major retailer Target that could involve millions of shopper's credit and debit card information.
According to Krebs on Security, which has broken high-profile security incidents in the past, the breach began on Black Friday, the busiest shopping day of the year, and involves the theft of information from nearly all of Target's brick and mortar stores in the U.S.

Target has 1800 stores in the nation. The report claims online purchases do not appear to be involved, just the data that would allows thieves to create counterfeit cards and even possibly withdraw from ATMs using stolen PINs.

Krebs reported that the breach was ongoing from Black Friday until December 15th.

Target, Mastercard and Visa did not comment on the initial report.

Previous Next  

5 user comments

118.12.2013 22:52

I'm thinking when companies like this get compromised and allow user's data to get captured they should be flogged good. As a developer i'm like, so what if a hacker is able to connect to the database, all the information should be encrypted at rest, meaning if a hacker(s) are able to access a database, unless key know the encryption, which it itself should be locked up high and tight, the data which a hacker could read would be useless, this is the first reason they should be flogged good and is a common practice in all the stuff i've worked on.

Secondly, why in the hell are they even storing credit card numbers? This i feel is a complete compromise in a user's security, unless of course the company, Target in this case, will take all on all liability if any of a user's information they hold is released.

Companies shouldn't have free reign over storing and using customer's "sensitive" information. Really it is "MY" data, not targets, or at least companies should provide an option which customers may select "Don't store any information on me in your system." It doesn't serve me at all, but the company is doing their own analytics on the data so they/the company can maximize sales/profits at the cost of customer's security.

219.12.2013 06:31

im wondering if someone stole an eftpos machine or a series of eftpos machines.

319.12.2013 11:20

The card readers were compromised and that's how they stole the numbers.

But on the customer tracking this came out last year. Target was targeting ads a litle too specifically and a family found out their daughter was pregnant from the ads before the daughter told them.

http://www.nytimes.com/2012/02/19/magaz...abits.html?_r=0

Prety interesting read

419.12.2013 14:21

Originally posted by DarkJello:
The card readers were compromised and that's how they stole the numbers.

But on the customer tracking this came out last year. Target was targeting ads a litle too specifically and a family found out their daughter was pregnant from the ads before the daughter told them.

http://www.nytimes.com/2012/02/19/magaz...abits.html?_r=0

Prety interesting read
eftpos = card reader.we had warning on the news about similar things happening here in australia.

519.12.2013 16:19

@Darkjello
I like the article.
How Corporate Amarica & Woldwide exploit humans habits using the NSA collecting data as a main frame for profits.

We need to be smarter than this Sheep-Consumer-Zombie Treatment.

Comments have been disabled for this article.

News archive