Target says data breach hit up to 110 mn customers (Update 2)

Jan 10, 2014

Giant US retailer Target said Friday that up to 110 million customers have had their personal data stolen in a data breach, sharply raising its initial estimate.

The number of people affected represented one in three Americans, and the scope of the information stolen was much broader than originally thought, Target admitted.

Target initially reported on December 19 that payment card data of some 40 million customers had been obtained by hackers during the year-end holiday shopping season.

The stolen information included credit and debit card data, customer names and PIN (personal identification data) numbers.

On Friday, Target said that its investigation had revealed that hackers also stole a second batch of data that included names, mailing addresses, phone numbers or email addresses for up to 70 million people.

"This theft is not a new breach; these are two distinct thefts as part of the same breach," a Target spokesman told AFP.

"The 70 million guests impacted by this new development are separate from the 40 million number that was previously shared."

Target chief executive Gregg Steinhafel said the company was "truly sorry" for the data breach.

Target said consumers would have "zero liability" due to any fraudulent charges arising from the theft. It offered one year of free credit monitoring protection.

Target is cooperating with an investigation led by the Justice Department and Secret Service. A group of state attorneys general have launched a parallel investigation aimed at protecting victims.

New York Attorney General Eric Schneiderman called the new disclosure "deeply troubling."

"Consumers in New York and around the country expect and deserve companies that protect their personal information when they shop on their websites and in their stores," Schneiderman said in a statement.

Target said the news of the data theft, which came at the peak of the Christmas shopping season, impacted sales in its stores.

It said it now expects fourth-quarter comparable store sales to decline 2.5 percent from its prior forecast of flat sales.

The company said it may need to take a charge for expenses related to the data breach to cover potential costs, including reimbursements for credit card fraud, liabilities from civil litigation, government investigations and enforcement proceedings.

Target shares shed 1.1 percent to $62.62 on Friday.

Explore further: Target reports few incidents of fraud after data theft

add to favorites email to friend print save as pdf

Related Stories

Target: Customers' encrypted PINs were stolen

Dec 27, 2013

Target said Friday that debit card PIN numbers were among the financial information stolen from millions of U.S. customers who shopped at the retailer earlier this month.

Recommended for you

Britain's UKIP issues online rules after gaffes

23 hours ago

UK Independence Party (UKIP), the British anti-European Union party, has ordered a crackdown on the use of social media by supporters and members following a series of controversies.

Sony saga blends foreign intrigue, star wattage

Dec 21, 2014

The hackers who hit Sony Pictures Entertainment days before Thanksgiving crippled the network, stole gigabytes of data and spilled into public view unreleased films and reams of private and sometimes embarrassing ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.