Target acknowledged early this morning that it is investigating a security breach that may have compromised over 40 million credit and debit cards used by customers shopping at the discount retail chain from November 27 to December 15, a period that included Black Friday.
This wasn't your run-of-the mill hack. The thieves targeted physical store locations (online was not affected) on a national scope. The hackers were able to access credit and debit-card data found on the magnetic strips by comprising approximately 40,000 card devices at store registers, the Wall Street Journal reported
Who carried out the hack remains unclear. Stolen data included customer names, credit, debit and Target store brand card numbers, expiration dates and CVV codes.
"You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports," the company said in a letter to its customers.
This is far from the first major retailer breaches. Back in 2007, TJX -- the company behind T.J. Maxx and Marshalls - acknowledged its systems had been compromised when hackers used the store's wireless networks to access information connected to payment card, check and return transactions at TJX locations nationwide. Data from over 45 million credit and debit cards was stolen.
And in July, credit card numbers from over 160 accounts were stolen from companies including J.C. Penny and 7-Eleven.
But the timing of this particular attack was, unfortunately, impeccable. Black Friday is America's biggest shopping weekend of the year, when store traffic is at its highest.
At least Target doesn't have to sit alone with its "hacked" status. Yesterday, news broke that hackers had breached the Washington Post's servers (for the third time this year), making off with employee usernames and passwords.