Target data breach much worse, affected 70 million customers

Target said a massive payment card data breach during the holiday shopping season affected up to 70 million people, far more than previously estimated.

|
Steven Senne/AP/File
A passer-by walks near an entrance to a Target retail store in Watertown, Mass. Target says that personal information — including phone numbers and email and mailing addresses — was stolen from as many as 70 million customers in its pre-Christmas data breach. That was substantially more customers than Target had previously said were affected.

Target Corp said up to 70 million customers were hit by the theft of data over the holiday shopping season, a far more serious breach than previously disclosed.

Shares of the company, which also slashed its fourth-quarter earnings forecast, fell slightly in early trading on Friday.

The third-largest U.S. retailer said in December that hackers had stolen data from up to 40 million credit and debit cards between Nov. 27 and Dec. 15, the second-largest such breach reported by a U.S. retailer.

The news raised concerns that Target had not yet fully grappled with the extent of the data breach.

"I think they still have no idea how big this is," said David Kennedy, a former U.S. Marine Corps cyber-intelligence analyst who runs his own consulting firm, TrustedSec LLC.

"This is going to end up being much larger than 70 million and end up being the largest retail breach in history," said Kennedy, who has experience investigating retail breaches.

The largest known breach at a U.S. retailer, uncovered in 2007 at TJX Cos Inc, led to the theft of data from more than 90 million credit cards over about 18 months.

Target said on Friday an ongoing forensic investigation showed that certain customer information in addition to the originally reported payment card data had been stolen.

The investigation showed that stolen information included names, mailing addresses, phone numbers and email addresses of customers in addition to those who swiped their cards during the 19-day breach period, Targetspokeswoman Molly Snyder said.

Target's disclosure on Friday was the first time it revealed the number of customers affected. Previously it has talked about the number of credit and debit cards affected.

Target said customers will have zero liability for the cost of any fraudulent charges.

"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," Chief Executive Gregg Steinhafel said in a statement.

The company cut on Friday its fourth-quarter adjusted earnings per share forecast for its U.S. operations to $1.20 to $1.30 from $1.50 to $1.60.

The Minneapolis-based company also forecast a 2.5 percent decline in fourth-quarter same-store sales. It had previously forecast flat sales.

Target expects its full-year earnings per share to include charges related to the data breach, but said it could not provide an estimate of the costs.

Target shares were little changed at $63.25.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Target data breach much worse, affected 70 million customers
Read this article in
https://www.csmonitor.com/Business/Latest-News-Wires/2014/0110/Target-data-breach-much-worse-affected-70-million-customers
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe