The shopping giant Target is apparently investigating a data breach that affects the in-store records of millions of credit and debit card transactions.
December 18, 2013 1:48 PM PST
It’s not just online transaction databases that are susceptible to attacks.
The retailer Target is reportedly looking into the theft of millions of in-store credit card and debit card records from its databases.
Customers all over the United States were victimized, reported Brian Krebs, who cited people at two of the top 10 credit card issuers in the US.
MongoHQ scrambles to address major database hack
US government releases draft cybersecurity framework
Adobe hacked, 3 million accounts compromised
FTC and TrendNet settle claim over hacked security cameras
League of Legends is hacked, with crucial user info accessed
Both of them said that the breach started on or around Nov. 29, the busy shopping day known as Black Friday, and extended to at least Dec. 6, and possibly as long as Dec. 15.
“The breach window is definitely expanding,” an anti-fraud analyst in the US told Krebs.
A data breach investigation firm representative who wished to remain anonymous said that they expect this breach to compare in scope to “some of the largest retail breaches to date.”
The US Secret Service is also investigating the breach, according to the Wall Street Journal. Secret Service representative Brian Leary confirmed that the Service is investigating but declined to provide further details because of the “active” nature of the investigation.
An unknown number of customers who shopped at Target’s physical stores are reportedly affected. Online customers are apparently not affected by the breach.
The investigation, which still has not been confirmed, has yet to reveal key factors in the breach such as what kind of information was targeted.
A request for comment by Target was not immediately returned. CNET will update the story when we hear back from them.
Update, 6:40 p.m. PDT: Confirmed Secret Service involvement.
Update, 4:48 p.m. PDT: Added detail on possible Secret Service involvement.