By Jim Hagerty
Officials from Target said Friday, Dec. 27, debit-card PIN numbers were among the financial information stolen from millions of customers in a recent security breach.
The retail giant says hackers put 40 million PIN numbers at risk between Nov. 27 and Dec. 15. However, stolen numbers were encrypted when they were entered into the keypads as customers paid for merchandise with credit and debit cards.
“The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems,” Target representative Molly Snyder said.
Encrypted information is extremely difficult for hackers to decode, store officials said. Personal identification numbers entered by customers are not available for store use and can only be retrieved by the chain’s third-party payment processors.
The news comes a day after Target said PINs were not compromised by the breach.
Meanwhile, the U.S. Department of Justice is investigating the case while an array of lawsuits have been filed by customers, who charge Target with failing to protect sensitive consumer data.
Target became aware of the situation Dec. 15 and quickly issued an apology, offering 10 percent off and free credit-monitoring services to those affected.
“We take this crime seriously,” CEO Gregg Steinhafel said in an earlier report. “It was a crime against Target, our team members, and most importantly, our guests.”
In Illinois, Attorney General Lisa Madigan (D) warned consumers to look for unauthorized charges on credit and debit cards used at Target during the time frame in question.
“It is critical that consumers be vigilant in checking their credit card and bank account statements for any unauthorized charges,” Madigan said. “If you discover an unauthorized charge, contact your bank immediately to dispute it. Consumers in need of assistance can visit my website or contact my Identity Theft hotline.”
The Identity Theft Hotline can be reached at 1 (866) 999-5630.
Posted Dec. 27, 2013