The Terrifying Target Data Breach Is Even Worse Than We Thought

Up to 70 million Target customers are now believed to have had their data stolen, up from an original estimate of 40 million.

The massive Target data breach is much larger than first reported last month and has hurt sales, the company announced Friday.  
National Journal
Dustin Volz
Add to Briefcase
See more stories about...
Dustin Volz
Jan. 10, 2014, 4:18 a.m.

The his­tor­ic­ally gi­gant­ic data rob­bery from na­tion­wide Tar­get stores nabbed cred­it and deb­it card data from ap­prox­im­ately 70 mil­lion cus­tom­ers, Tar­get an­nounced Fri­day — a fig­ure al­most twice as large as ori­gin­ally re­por­ted.

The new num­ber, up from an earli­er es­tim­ate of 40 mil­lion, does not rep­res­ent an ad­di­tion­al data breach but a re­cal­cu­la­tion based on Tar­get’s own in­tern­al in­vest­ig­a­tion in­to the mat­ter, which was first ex­posed by cy­ber­se­cur­ity blog­ger Bri­an Krebs last month. The massive data heist in­cluded names, mail­ing ad­dresses, en­cryp­ted per­son­al iden­ti­fic­a­tion num­bers, and phone num­bers of the cus­tom­ers af­fected.

“I know that it is frus­trat­ing for our guests to learn that this in­form­a­tion was taken, and we are truly sorry they are hav­ing to en­dure this,” said Gregg Stein­hafel, Tar­get’s chair­man, in a state­ment. “I also want our guests to know that un­der­stand­ing and shar­ing the facts re­lated to this in­cid­ent is im­port­ant to me and the en­tire Tar­get team.”

Tar­get, in an at­tempt to lessen an on­go­ing pub­lic-re­la­tions night­mare, said it will con­tin­ue its in­vest­ig­a­tion and prom­ised that “guests will have zero li­ab­il­ity for the cost of any fraud­u­lent charges arising from the breach.” Ad­di­tion­ally, the com­pany has pledged to of­fer one year of free cred­it mon­it­or­ing and identi­fy-theft pro­tec­tion to all cus­tom­ers. Those wish­ing to en­roll for the ser­vices have three months to do so.

Earli­er this week Sen. Thomas Carp­er, D-Del., said he wanted to re­in­tro­duce a bill to cre­ate a na­tion­al re­port­ing stand­ard for data breaches like the one that seized Tar­get. It would ap­ply to re­tail­ers and fin­an­cial in­sti­tu­tions and re­quire both to tell gov­ern­ment and con­sumers of harm­ful data breaches.

“Con­sumers, gov­ern­ment agen­cies, and busi­nesses of all kinds have proven to be ex­tremely vul­ner­able to fraud and iden­tity theft, and the Tar­get data breach is just the latest ex­ample of this ser­i­ous prob­lem” Carp­er said in a state­ment.

The ori­gin­al breach rev­el­a­tion, which oc­curred dur­ing the hol­i­day shop­ping sea­son, left many won­der­ing wheth­er Tar­get’s growth would be hampered. Today’s an­nounce­ment makes it clear that the com­pany has suffered. Its fourth-quarter out­look up­date notes “mean­ing­fully weak­er-than-ex­pec­ted sales since the [data breach] an­nounce­ment. Tar­get also an­nounced it is also clos­ing eight stores around the coun­try.

Shares of Tar­get stock had dropped more than 1 per­cent Fri­day morn­ing.

What We're Following See More »
CONGRESS BETTER GET ON BOARD
Mnuchin: Expect Tax Overhaul by August
10 hours ago
THE DETAILS
‘TOP OF THE PACK’
Trump Looking to Expand Nuclear Arsenal
10 hours ago
THE DETAILS
HAD ATTRACTED A CROWD TODAY
Alt-Right Leader Spencer Removed from CPAC
10 hours ago
WHY WE CARE
RECREATIONAL USERS
White House Promises Crackdown on Pot
11 hours ago
THE DETAILS
SAYS LEFT WILL GO INTO “MELTDOWN”
Cruz Predicts Another SCOTUS Vacancy “This Summer”
15 hours ago
THE LATEST
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login