Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Businesses Crime Security

Target Admits Data Breach May Have Up To 110 Million Victims 213

Nerval's Lobster writes "Retail giant Target continues to drastically downplay the impact of the massive data breach it suffered during December, even while admitting the number of customers affected is nearly twice as large as it had previously estimated. Target admitted today the massive data breach it suffered during the Christmas shopping season was more than twice as large and far more serious than previously disclosed. A Jan. 10 press release admits the number of customers affected by the second-largest corporate data breach in history had increased from 40 million to 70 million, and that the data stolen included emails, phone numbers, street addresses and other information absent from the stolen transactional data that netted thieves 40 million debit- and credit-card numbers and PINs. 'As part of Target's ongoing forensic investigation, it has been determined that certain guest information — separate from the payment card data previously disclosed — was taken during the data breach' according to Target's statement. 'This theft is not a new breach, but was uncovered as part of the ongoing investigation.' The new revelation does represent a new breach, however, or at least the breach of an unrelated system during the period covered during the same attack, according to the few details Target has released. Most analysts and news outlets have blamed the breach on either the security of Target's Windows-based Point-of-Sale systems or the company's failure to fulfill its security obligations under the Payment Card Industry Data Security Standard (PCI DSS)."
This discussion has been archived. No new comments can be posted.

Target Admits Data Breach May Have Up To 110 Million Victims

Comments Filter:
  • by Lukano ( 50323 ) on Friday January 10, 2014 @08:48PM (#45923295)

    Target just managed to 'Oh... our bad, a bunch of other systems and avenues were also hacked.... well before the system(s) we're talking about now were hacked.....'... and this isn't a bigger deal?

    Contradict me if I'm wrong, but are they not talking out of the side of their mouths to say that they'd been breached earlier, and only knew it now / only divulged it now?

    • Sounds right to me... if you want to go all conspiracy theory on it, they may have known about the earlier breaches which would have made them look really bad and engineered the last one as a sort of shock and awe pity PR move to cover their incompetence.

  • by TrumpetPower! ( 190615 ) <ben@trumpetpower.com> on Friday January 10, 2014 @08:57PM (#45923331) Homepage

    According to the Census Bureau [census.gov], there're about 115 million households in the US. Target has basically admitted that the theft amounts to their entire database.

    I'd like to think that this would mean the end of the credit reporting rackets; how can anybody even pretend any more that that data is meaningful when this sort of fraud is taking place? But I also wanted to think that the Snowden revelations would have meant the end of the NSA, so clearly I'm not somebody anybody is paying or should pay attention to.

    Cheers,

    b&

    • Well, there were significant breeches in the Canadian Targets, IIRC, so I suspect we're talking about multiple nationalities credit data.
    • Snowden revelations

      Hmm, have the stolen credit cards used or are they just sitting in a warehouse somewhere? Maybe the NSA is relevant to the current story?

      I'm just asking questions!

  • Are you kidding me.?.?. it's like a five-year-old lying about something he did, letting the truth slip out a little bit at a time.
  • They declined me ... (Score:5, Interesting)

    by TrollstonButterbeans ( 2914995 ) on Friday January 10, 2014 @09:19PM (#45923479)
    Target declined me for a credit card in August and wouldn't tell me why either and I still don't know, so I guess that was a "Good Thing".

    [True story!]
    • by nwf ( 25607 )

      Target declined me for a credit card in August and wouldn't tell me why either and I still don't know, so I guess that was a "Good Thing".

      [True story!]

      If you write to them, I'm pretty sure they are required to tell you. Plus, you can get free copies of your credit reports as a result.

      No loss, though. I had one of their CCs and their customer support was so amazingly inept that I cancelled out of frustration. I've never dealt with a CC company with such pathetic customer support. It makes me mad just thinking about it. I can only imagine how well they handled a massive amount of fraud on their cards. Good thing their support is in India or people would hav

  • Good excuse (Score:5, Interesting)

    by bob_super ( 3391281 ) on Friday January 10, 2014 @09:24PM (#45923511)

    My wife may finally understand why I want her to stop giving her data to a million different stores in exchange for a 5% discount or 500 bonus miles.

    • Re: Good excuse (Score:3, Informative)

      by Anonymous Coward

      Er this isn't about their super bonus target credit card plus or whatever they call it. This is a database they created of everyone who shopped at target and used any form of credit card. You could just have easily ended up on the list by using a bank issued debit card.

      • And the UK porn filter is used to quash file-sharing websites, and 9/11 was used to take down Saddam, and...

        I'm an evil person, and "you can trust retailers' databases security" is hopefully not going to have a better illustration anytime soon.

        At least I'm not conjuring "in this economy" or "think of the children", I'm just carefully wording the truth for her own good.
        No oppressed majority will be enabled to regain power and team up with my enemies in the process.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      I don't think you understand. This is pretty much every single credit card used at Target or on target.com over the past few months or year. Or years. They are probably still lying about how many numbers. What pisses me off is that now they've lost names, addresses and a lot of PII data. Fucking Wall Street assholes who don't take security seriously need to be shot.

      • by Shados ( 741919 )

        This probably isn't even anything to do with Wall Street assholes.

        Are you a software developer? Or do you know some? Probably since you're on slashdot.

        Did you or any of them come out of college with the aspiration: "I want to go work for Walmart, Target, or any number of high profile brick and mortar retail chain, its going to be awesome!!!" (Amazon obviously doesn't count).

        No, you and they didn't. That shit is hard. Its a different kind of challenge, more around integration and dealing with a billion weird

    • If the JC Penny breach didn't do it, why would this one? Was Target the epitome of safety and security in your eyes?

  • Bad Math? (Score:4, Interesting)

    by umdesch4 ( 3036737 ) on Friday January 10, 2014 @09:49PM (#45923661)
    The summary says "had increased from 40 million to 70 million", but the title of this post says 110 million. I note that 40 + 70 = 110, so I think somebody parsed it wrong.
    • by nwf ( 25607 )

      The summary says "had increased from 40 million to 70 million", but the title of this post says 110 million. I note that 40 + 70 = 110, so I think somebody parsed it wrong.

      Probably the people who wrote the obamacare web site.

  • by Osgeld ( 1900440 ) on Friday January 10, 2014 @10:23PM (#45923851)

    Bunch of shit I dont want, one thing I do want they dont have, simple things like brasso

    anyway, I bought 1 thing from target cause the reviews were high and it was the only place I could get it local, now I am tied up in this mess

    between those two its going to be a cold day in hell before I step foot back in that store

    ps where is this free credit monitoring they offered me almost 3 weeks ago?

    • by Kardos ( 1348077 )

      Go back to cash. There's no risk of identity theft with cash.

      • by Osgeld ( 1900440 )

        no just the risk of loosing cash on the way to or from the car with no chance in hell of ever getting it back

    • I must reluctantly agree with you... There used to be several retailers out there where you could go and buy ANYTHING. Now, it seems they're dropping anything that isn't high enough margin, or a big enough seller. A few years ago I didn't go to Walmart for anything, ever. Then I fought with ridiculous parking to stop by Target, only to find that their 12 rows of shoes had one-half of one-isle dedicated to men, and almost entirely dress shoes.

      Have you ever walked through an entire pet store and found tha

  • 1) The breach was discovered in December, sounds like it's been going on for months. 2) I'd be very surprised if Target is the only entity that got breached. I keep waiting to hear "Oh, hey, 'member that Target thing? It's now a Walmart, Sears, TJ-Maxx, and Nordstroms thing".
  • by rjejr ( 921275 ) on Friday January 10, 2014 @11:29PM (#45924069)
    About 20 years ago somebody behind me at a Detroit gas station had their tank of gas billed to my credit card. A few years ago Sony gave it all away. Next year I'm sure there will be another security breach. And the year after that. And the year after that. I shop in Target every week with my Target credit card, and I will continue to do so. They are going to get you one way or another. Or they aren't. Target obviously screwed up, their security was lax, their investigation is pathetic, their forth coming with the news leaves alot to be desired. But I'm not going to kill myself, cut up all my credit cards and start using cash, or leave the country. I don't blame people for not shopping there anymore, or switching to cash, but I just don't care anymore. This shit happens all the time, every day people have their identity stolens, it sucks, but it's part of everyday life now, no getting around it. Well suppose tehre's the Amish way, but thats just not for me.
    • by GodfatherofSoul ( 174979 ) on Friday January 10, 2014 @11:46PM (#45924151)

      I care, but I don't think there's anything I can do about it. Until we stop waiting for the "free market" to come up with a solution and regulate better credit card security, nothing will change. Vendors are just going to roll the dice and hope nothing bad happens. I consider myself very caution and I've had 3 fraudulent uses of my card 3 times already (thankfully the bank didn't charge me).

      • Until we stop waiting for the "free market" to come up with a solution and regulate better credit card security, nothing will change.

        Because if the government "does something", there will magically be no economic tradeoffs?

        Because the government has proven they are such security experts?

      • by 0123456 ( 636235 )

        Until we stop waiting for the "free market" to come up with a solution and regulate better credit card security, nothing will change.

        Uh, what do credit cards have to do with the "free market"?

        Hint: do you really, actually, think I can just set up a new credit card company tomorrow, without having to deal with a tsunami of government regulations around the world?

    • by Osgeld ( 1900440 )

      what the hell do you buy at target, overprice old canned goods, or shitty paper storage cubes, I have not found much of value at target even when they were not retarded

      for fucks sake it took nearly 10 min to get a half warm shitty ass hot dog on a rock hard stale bun

      incompetent on every single level

    • Paying in cash is a far cry from killing yourself, or going Amish... In fact it's often more convenient than cards. Ever tried to split a bill between 10 people, all on their cards?

      I could still have my identity stolen, you say? Well since I have no credit history at all, they won't get much use out of it.

      There's a few ways ID theft could incovenience me, but far less than you're exposing yourself to, and will have far less impact on me.

      • by Shados ( 741919 )

        Drop 10 credit cards on the table, tell the waiter to split the bill. Do that all the time.

        Of course, in more civilized areas, restaurants give out individual checks, so its never a problem. It drives me bunker since I moved here that in most of the greater boston area they usually give 1 check per table...ugh.

Business is a good game -- lots of competition and minimum of rules. You keep score with money. -- Nolan Bushnell, founder of Atari

Working...