Target investigating a data breach

[redheadbaker]

www.forbes.com/sites/kellyclay/2013/12/18/millions-of-target-customers-likely-affected-by-data-breach/

Millions Of Target Customers Likely Affected By Data Breach

Do you shop at Target? If so, you may want to pay extra attention to your credit and debit card bills during the next few months. According Krebs on Security, Target is investigating a data breach that has potentially affected millions of customer credit and debit cards. These sources say the breach appears to have begun around Black Friday 2013 and involves the theft of data stored on the magnetic strip of cards used at stores. The breach apparently extends to nearly all Target locations across the U.S.

This obviously is not good news for Target and its customers, as the breach hit during some of the busiest shopping days of the year. While sources tell Krebs that the breach was initially thought to have occurred from just after Thanksgiving 2013 to Dec. 6, investigators have discovered evidence that the breach may have extended at least an additional week — possibly as recently as Dec. 15.



Krebs explains that the type of data stolen — also known as “track data” — allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe. If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs.



Target has not yet responded to requests for comment on the rumored breach so far, but an anti-fraud analyst has made it clear the situation could not be any worse for Target and its customers, telling Krebs, “We can’t say for sure that all stores were impacted, but we do see customers all over the U.S. that were victimized.”

[secretlyevil]

Holy crap!

[Velar Fricative]

Wow. I haven't shopped there since before Thanksgiving but I was planning to go today for a few things. This is pretty crazy - people may not find out for a long time whether their account was stolen or not.

[KateAggie]

Well, that's awesome. :?

[IIOY]

Found this in the comments section and think it is helpful. The bottom line is not to panic yet.

It is likely we will learn more as the details of the breach become clearer. These investigations take time. In the meantime here are four steps you could take:

1. Print a copy of the current statements for EVERY credit card you may have used at Target during this time period. Keep an eye on your statements going forward and report anything that is odd.

2. If you want more info the PrivacyRights Clearinghouse is a trustworthy source of steps you can take now. www.privacyrights.org/how-to-deal-with-security-breach

3. The FTC is the best place for information on what to do and who to contact if sometime down the line you believe your account has been compromised. www.consumer.ftc.gov/articles/0271-signs-identity-theft

4. Set up alerts for your card (there is an “alert” option in the RedCard menu bar on the left).

And of course keep an eye out for the letter Target will send with details!

[IIOY]

I keep trying to access my Redcard account online this morning to check my charges and I can't do it. I'm wondering if the page is being Obamacared by a zillion cardholders reading this story this morning.

[tef]

Oops, I didn't see yours. It is worrisome, especially with the RedCard debit. Boo.

[ringstrue]

So if you haven't shopped there this season you are good to go?

[secretlyevil]

Dec 19, 2013 8:56:33 GMT -5 ringstrue said:

So if you haven't shopped there this season you are good to go?

Probably, but I'm at Target practically twice a week. So I guess I'll be watching my AMEX statement like a hawk. Ugh, I just went through this a couple of months ago. Ouidad was compromised, I purchased hair product from their site two years ago and someone got my cc number and was shopping at BARNEYS! Dammit. I don't want to deal with this again.

ETA: AMEX was awesome to work with though.

[cattledogkisses]

Oh hell.

Even if we're not affected this means USAA is going to send us new cards, which means I have to change everything that's linked to that card. It is an ENORMOUS pain in the ass every time this happens.

[blacksred]

And this will be the thing that makes me go back to cash

Sent from my SM-N900V using proboards

[kmpls]

Fuck.

[secretlyevil]

Dec 19, 2013 10:51:18 GMT -5 blacksred said:

And this will be the thing that makes me go back to cash

Sent from my SM-N900V using proboards

Cash? What is this cash thing?

[KateAggie]

Dec 19, 2013 10:51:18 GMT -5 blacksred said:

And this will be the thing that makes me go back to cash

Sent from my SM-N900V using proboards

Just don't put it in an envelope.

[pescalita]

Dec 19, 2013 11:00:38 GMT -5 secretlyevil said:

Dec 19, 2013 10:51:18 GMT -5 blacksred said:

And this will be the thing that makes me go back to cash

Sent from my SM-N900V using proboards

Cash? What is this cash thing?

We were at lunch on Sunday on our annual family shopping trip in SF and nearly had about 9 heart attacks while we searched for my mom's envelope of $400 IN CASH. (we found it on the floor)

I know stuff like this freaks people out, but I kind of take it as a given that my info is out there, and someone somewhere will get it. You cannot insulate yourself from these threats. You can only prepare for the attack.

I watch my accounts several times/wk and have them all on mint.com. Instead of making me vulnerable by opening up more access to my data, this makes me safer by displaying all my transactions in one easy to use place, so I can catch any activity quickly.

I also use credit exclusively, which has better fraud protection and doesn't tie up cash in the event of a breach. The one time we actually have had a fraud issue, Chase caught it before a single charge was approved.

In other words, I assume stuff like this is happening all the time. It doesn't affect me until my account(s) are hit, and I'm prepared for that always.

[IIOY]

Could someone else with a RedCard be a lamb and check if you are able to access your account online? I've been trying all morning and have been shut out. I'm guessing the site is either shut down while Target tries to sort out what's going on, or it's crashing because of the traffic. Either way, it's frustrating as hell. Target's Twitter feed is a bland stream of useless information.

[Velar Fricative]

Ditto pescalita. I don't use my debit card anymore except at the ATM (which I know still carries risks), so using my credit card everywhere means it ain't my cash if there's a fraudulent charge. And Chase did catch the one fraudulent charge on my card and alerted me immediately. Someone tried to buy stuff with my card from an online surf shop in Australia. I know Chase thought the location was off but I also imagined CS reps having a good chuckle like I did at the thought of me buying anything surf-related.

[tabithasoren]

Dec 19, 2013 12:09:03 GMT -5 IIOY said:

Could someone else with a RedCard be a lamb and check if you are able to access your account online? I've been trying all morning and have been shut out. I'm guessing the site is either shut down while Target tries to sort out what's going on, or it's crashing because of the traffic. Either way, it's frustrating as hell. Target's Twitter feed is a bland stream of useless information.

I haven't had any luck online or by phone.  Ugh.

[IIOY]

Dec 19, 2013 12:20:10 GMT -5 tabithasoren said:

Dec 19, 2013 12:09:03 GMT -5 IIOY said:

Could someone else with a RedCard be a lamb and check if you are able to access your account online? I've been trying all morning and have been shut out. I'm guessing the site is either shut down while Target tries to sort out what's going on, or it's crashing because of the traffic. Either way, it's frustrating as hell. Target's Twitter feed is a bland stream of useless information.

I haven't had any luck online or by phone.  Ugh.

Thank you. I just wanted to make sure it wasn't my laptop or browser.

[tabithasoren]

Just got through to cancel my RedCard. I called 800-755-5856 and was on hold for about 20 minutes.

[Melissa W.]

I tried to check but it was down. I check all that stuff regularly so I am not too worried.

[IIOY]

Dec 19, 2013 12:35:26 GMT -5 tabithasoren said:

Just got through to cancel my RedCard. I called 800-755-5856 and was on hold for about 20 minutes.

Are they recommending that everyone cancel their cards out of an abundance of caution?  At this point I have no clue if my card was compromised so I don't know if it's worth it to be on hold for 3 hours to cancel.

[demandypants]

Dec 19, 2013 14:04:00 GMT -5 IIOY said:

Dec 19, 2013 12:35:26 GMT -5 tabithasoren said:

Just got through to cancel my RedCard. I called 800-755-5856 and was on hold for about 20 minutes.

Are they recommending that everyone cancel their cards out of an abundance of caution?  At this point I have no clue if my card was compromised so I don't know if it's worth it to be on hold for 3 hours to cancel.

if your card was used during that time and they identify it as part of the breach I would expect them to issue you a new card.  I don't think you are in great risk by not canceling your card immediately today. personally I would give it a couple days for the rush to die down and then decide what to do.

*i checked my mint account and i was at target around the timeframe they are calling out but not during it. so you can ignore my opinion if you like, cause I am not affected by this one.

[IIOY]

Dec 19, 2013 14:11:53 GMT -5 demandypants said:

Dec 19, 2013 14:04:00 GMT -5 IIOY said:

Are they recommending that everyone cancel their cards out of an abundance of caution?  At this point I have no clue if my card was compromised so I don't know if it's worth it to be on hold for 3 hours to cancel.

if your card was used during that time and they identify it as part of the breach I would expect them to issue you a new card.  I don't think you are in great risk by not canceling your card immediately today. personally I would give it a couple days for the rush to die down and then decide what to do.

No, this is pretty much where my head is at as well.  I understand the urge to panic, but I kind of can't be bothered.  I am irritated that I can't access my account online to find out one way or the other, but I will survive.

[heyjude]

Everyone seems concerned about the target card. It's my understanding that the data breech affects any card used during the affected time frame, target card or not.

And you don't have to cancel your account. You just have to ask for a new card and number, if even such a move is warranted. Which, I have no idea! But I think I may ask BofA for a new debit card!

[IIOY]

Dec 19, 2013 14:37:05 GMT -5 heyjude said:

Everyone seems concerned about the target card. It's my understanding that the data breech affects any card used during the affected time frame, target card or not.

And you don't have to cancel your account. You just have to ask for a new card and number, if even such a move is warranted. Which, I have no idea! But I think I may ask BofA for a new debit card!

People may be like me, where the only card they use at Target is their Target card (thanks to the discount), so perhaps that's why it seems to be the focus.  However, you are correct - any card used at Target during the time period in question is at risk.

[2curlydogs]

I'm super pissed. I think we've been to Target every other damn day since the baby was born. And of course we were using our debit card.

Their order online pick up at store thing is super crappy, too. Just FYI. I'm waiting for them to charge me twice for the wagon I got the boys for Christmas.

[heyjude]

They also have one of the worst websites of any retailer.

Half the time things in the store are not marked or in the wrong spot and you don't know what anything costs until you get to checkout.

And they don't play any music in their stores.

Their grocery store selection is the pits and I'm still mad they got rid of the garden dept for groceries.

I just feel like having target bitch fest today.

[IIOY]

Dec 19, 2013 14:54:14 GMT -5 heyjude said:

They also have one of the worst websites of any retailer.

Half the time things in the store are not marked or in the wrong spot and you don't know what anything costs until you get to checkout.

And they don't play any music in their stores.

Their grocery store selection is the pits and I'm still mad they got rid of the garden dept for groceries.

I just feel like having target bitch fest today.

LOL.  Have you ever walked by one of the end-of-aisle CD players that suddenly blasts a sappy song at you as you walk by?  Those things always scare the shit out of me.

[secretlyevil]

I have never noticed the no music before. I kind of like it.