By BRIAN SMITH
With an estimated 40 million credit or debit cards belonging to Target customers involved in a security breach, there will certainly be some local customers affected. Though as of Friday there was no confirmation on a number of local customers’ accounts involved.
In a press release, the company says it “alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts.”
A spokesperson for the U.S. Secret Service confirmed to the Associated Press that it is in fact investigating the incident. The type of data stolen — also known as “track data” — allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe. Customers who made purchases by swiping their cards at stores between Nov. 27 and Dec. 15 may have had their accounts exposed. The stolen data included customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip found on the backs of cards, Target said.
If the thieves were also able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs.
The sophisticated hack reportedly took place over several weeks — starting on Black Friday — and is said to involve “nearly all” Target stores in the United States.
Target customers spoken to locally say they have not noticed any difference in the accounts. Beveraly Coulter said she has been a Target customer for years and the incident hasn’t affected her.
“Very few people carry cash anymore because the card is easier and the funds replaced if they get lost,” Coulter said. “I’d still rather use a card for that reason alone. It’s not Target’s fault. It could have happened anywhere.”
Joseph Mills has a different view. The Weatherford resident said while his account hasn’t been affected, he has changed his PIN number and admits he will be more careful.
“It’s true it could have happened anywhere but Target is a major retailer and you figured you’d be safer from that kind of thing happening at a major retailer,” Mills said. “I guess you can’t be too careful anymore.”
Debbie Rowe, cashier with First National Bank of Weatherford, said FNB along with many other banks have had customers affected by the hacking.
She said she was unsure how many FNB customers had been affected because the bank is doing its own investigating. With the vast magnitude of the hacking, nearly all banks will have someone affected, Rowe said.
Banks locally are telling their customers to change their PIN numbers and monitor their credit and accounts to ensure they are safe, which she says everyone should do as a common sense practice. Any fraudulent transactions might take place for days, weeks or even months.
The theft is the second-largest credit card breach in U.S. history, exceeded only by a scam that began in 2005 involving retailer TJX Cos. That incident affected at least 45.7 million card users.
There was no indication the three- or four-digit security numbers visible on the back of the card were affected, Target said. The data breach did not affect online purchases, the company said.
Eric Hausman, a Target spokesman, said the company is engaged in “an ongoing investigation.”
Target hasn’t disclosed exactly how the breach occurred but said it has fixed the problem. Given the millions of dollars that companies such as Target spend implementing credit-card security measures each year, Avivah Litan, a security analyst with Gartner Research, said she believes the theft might have been an inside job.
“The fact this breach can happen with all of their security in place is really alarming,” Litan said.
Other experts theorize that Target’s network was hacked and infiltrated from the outside.
Whatever the case, Jason Oxman, CEO of the Electronics Transaction Association, which represents the payments technology industry, said data breaches like Target’s are generally “heavily organized and sophisticated.”
Annual losses from global credit and debit card fraud are on the rise. Last year, it reached $11.27 billion, up 11.4 percent from the previous year, according to The Nilson Report, which tracks global payments. Even so, Nilson’s publisher David Robertson pointed out that fraud still accounts for less than 6 cents of every $100 spent.
Target has almost 1,800 stores in the U.S. and 124 in Canada. Those who see suspicious charges should report them to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.
The Associated Press contributed to this report.