Target says data breach hit up to 110 mn customers (Update 2)

January 10, 2014

Giant US retailer Target said Friday that up to 110 million customers have had their personal data stolen in a data breach, sharply raising its initial estimate.

The number of people affected represented one in three Americans, and the scope of the information stolen was much broader than originally thought, Target admitted.

Target initially reported on December 19 that payment card data of some 40 million customers had been obtained by hackers during the year-end holiday shopping season.

The stolen information included credit and debit card data, customer names and PIN (personal identification data) numbers.

On Friday, Target said that its investigation had revealed that hackers also stole a second batch of data that included names, mailing addresses, phone numbers or email addresses for up to 70 million people.

"This theft is not a new breach; these are two distinct thefts as part of the same breach," a Target spokesman told AFP.

"The 70 million guests impacted by this new development are separate from the 40 million number that was previously shared."

Target chief executive Gregg Steinhafel said the company was "truly sorry" for the data breach.

Target said consumers would have "zero liability" due to any fraudulent charges arising from the theft. It offered one year of free credit monitoring protection.

Target is cooperating with an investigation led by the Justice Department and Secret Service. A group of state attorneys general have launched a parallel investigation aimed at protecting victims.

New York Attorney General Eric Schneiderman called the new disclosure "deeply troubling."

"Consumers in New York and around the country expect and deserve companies that protect their personal information when they shop on their websites and in their stores," Schneiderman said in a statement.

Target said the news of the data theft, which came at the peak of the Christmas shopping season, impacted sales in its stores.

It said it now expects fourth-quarter comparable store sales to decline 2.5 percent from its prior forecast of flat sales.

The company said it may need to take a charge for expenses related to the data breach to cover potential costs, including reimbursements for credit card fraud, liabilities from civil litigation, government investigations and enforcement proceedings.

Target shares shed 1.1 percent to $62.62 on Friday.

Explore further: Target: 40M card accounts may be breached (Update 2)

Related Stories

Target: Customers' encrypted PINs were stolen

December 27, 2013

Target said Friday that debit card PIN numbers were among the financial information stolen from millions of U.S. customers who shopped at the retailer earlier this month.

Recommended for you

Tech leaders warn over 'killer robots' (Update)

July 28, 2015

A group of top tech leaders, including British scientist Stephen Hawking and Apple co-founder Steve Wozniak, on Tuesday issued a stern warning against the development of so-called killer robots.

Researcher to talk at Black Hat on 'scary' area in Android

July 28, 2015

Does that cute little green robotic creature with two ear-sticks call up feelings of an open, friendly mobile operating system, aka Android? Wow, Monday stories were not about how cute and adorable is that little green creature. ...

Cellphones can steal data from 'air-gapped computers'

July 28, 2015

Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have discovered that virtually any cellphone infected with a malicious code can use GSM phone frequencies to steal critical information ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.