Separate info on 70M stolen in Target breach

Share this article:
The PII of up to 70 million individuals was also stolen, according to a Friday statement by Target.
The PII of up to 70 million individuals was also stolen, according to a Friday statement by Target.

As part of the ongoing Target investigation – which began when 40 million credit and debit cards, CVV numbers and encrypted PIN codes were stolen following a roughly three-week attack on the retailer's point-of-sale (POS) devices – authorities have now uncovered an entirely different set of data that was taken during the breach.

The names, mailing addresses, phone numbers and email addresses of up to 70 million individuals was also stolen, according to a Friday statement by Target. While much of the information is “partial in nature,” Target will attempt to contact individuals whose email addresses are on file.

“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” Gregg Steinhafel, chairman, president and chief executive officer of Target, said in the release.

In a bid to help out, Target is offering zero liability to individuals who experience fraudulent charges as a result of the breach. The retail giant is also extending one year of free credit monitoring and identity theft protection services to all affected consumers, which is fairly standard in data breach incidents, but there is currently no information on how to enroll in that program.

Target is unable to estimate any costs associated with the breach, according to the release, which may include, “liabilities to payment card networks for reimbursements of credit card fraud and card reissuance costs, liabilities related to REDcard fraud and card re-issuance, liabilities from civil litigation, governmental investigations and enforcement proceedings, expenses for legal, investigative and consulting fees, and incremental expenses and capital investments for remediation activities.”

Target also announced in the statement that after reviewing the financial performance of eight stores, those locations would be closing in the U.S. on May 3.

UPDATE: In response to an request for clarification regarding the amount of people impacted and the data that was compromised, Joshua Carter, public relations manager at Target, said, “This theft is not a new breach; these are two distinct thefts as part of the same breach and this development was uncovered in the course of the ongoing investigation. The 70 million guests impacted by this new development are separate from the 40 million number that was previously shared.”

UPDATE 2: On Jan. 13, Target announced that customers can begin enrolling for free credit monitoring services.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.