Target Data Breach Far Larger Than First Thought

×
target security breach credit cards debit cards
Carolina Hidalgo, Tampa Bay Times/ZUMAPRESS.com/Alamy
By ANNE D'INNOCENZIO and MICHELLE CHAPMAN

NEW YORK -- Target's pre-Christmas security breach was significantly more extensive and affected millions more shoppers than the company reported last month.

The nation's second largest discounter said Friday that hackers stole personal information -- including names, phone numbers as well as email and mailing addresses -- from as many as 70 million customers as part of a data breach it discovered in December.

Target Corp. (TGT) disclosed last month that about 40 million credit and debit cards may have been affected by a data breach that happened between Nov. 27 and Dec. 15 -- just as the holiday shopping season was getting into gear.

According to the company's investigation, criminals also took non-credit card related data for some 70 million shoppers who could have made purchases at Target stores outside the late November to mid-December time frame. Some overlap exists between the two data sets, the company said Friday.

"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," said Gregg Steinhafel, Target chairman, president and CEO, in a statement.

While Target investors have been largely unmoved, the incident has shaken shoppers.

The company's stock has traded at about $63 since news of the breach leaked on Dec. 18.
It slipped just 67 cents, or 1 percent, to $62.67 in morning trading Friday.

Target revealed Friday, however, that the breach diminished holiday sales. The company cut its forecast for fourth-quarter earnings, a key sales barometer.

The theft from Target's databases is still the second largest data breach on record, rivaling an incident uncovered in 2007 that saw more than 90 million credit card accounts pilfered from TJX Cos. (TJX).

Target said in December that customers' names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards had been stolen.

The company has been working with the Secret Service and the Department of Justice on the investigation.

Target tried to woo scared shoppers back to stores on the last weekend before Christmas with a 10 percent discount on nearly everything in its stores. But Customer Growth Partners, a retail consultancy, estimated that the number of transactions at Target fell 3 percent to 4 percent on the Saturday before Christmas, compared with a year ago.

"You have violated that person's trust. And it's going to take time to regain that trust," said Brian Sozzi, CEO and chief equities strategist of Belus Capital Advisors.

Target lowered its fourth-quarter adjusted earnings guidance to a range of $1.20 to $1.30 a share, down from $1.50 to $1.60 a share.

Analysts surveyed by FactSet expect earnings of $1.24 a share.

The Minneapolis company also said that it now foresees fourth-quarter sales at stores open at least a year will be down about 2.5 percent. It previously predicted those sales would be about flat.

This figure is a closely watched indicator of a retailer's health.

Target cautioned that its fourth-quarter financials may include charges related to the data breach. The chain said the costs tied to the breach may have a material adverse effect on its quarterly results as well as future periods.

The company has 1,921 stores, with 1,797 locations in the U.S. and 124 in Canada.



Increase your money and finance knowledge from home

Introduction to Economic Indicators

Measure the performance of the economy.

View Course »

Basics of Diversification

Learn one of the fundamental concepts of building a portfolio.

View Course »

Add a Comment

*0 / 3000 Character Maximum

13 Comments

Filter by:
Elvis

Who cares? hackers need to use the information immediately or it's worthless!

January 12 2014 at 11:11 PM Report abuse rate up rate down Reply
wytviking

maybe they should push green cards insteag of red cards! Im sure they would make more money to pay back the people .

January 12 2014 at 8:37 PM Report abuse rate up rate down Reply
bdgrizcp

What we haven't heard much about--so far--is what personal losses amount to. I was talking to a BofA branch manager last week and he said they are crediting debit purchases as if they were credit card transactions as customers report the losses. One thing about Target's POS terminals is they do not let a debit card transaction run as a credit transaction. Once you swipe your debit card, it goes straight to PIN. Other stores let you decide, which is a layer of protection.

January 12 2014 at 12:39 PM Report abuse rate up rate down Reply
wlh1923

What happens if you are that rare individual who walks in the place and buys something with cash? Target doesn't have anything about you to steal

January 11 2014 at 7:05 PM Report abuse -1 rate up rate down Reply
BONT64

NEIMAN MARCUS HACK AFFECTED CUSTOMERS' CREDIT CARDS

OH MY OH MY ~ REALLY? ~ I'M TOTALLY IN SHOCK HERE ~ JUST READ ON NBC NEWS 15 MINUTES AGO ~ NEIMAN MARCUS FOUND OUT ALMOST A MONTH AGO BUT JUST CAME OUT WITH IT NOW? HIDING BEHIND TARGETS FORTHRIGHT HONESTY TO THE ENTIRE PUBLIC A.S.A.P. ~ BECAUSE IT MAY HAVE CUT INTO THEIR CHRISTMAS SALES? KUDOS ~ ^5 ~ TO/FOR TARGET TELLING THE TRUTH ~ RIGHT IN THE MIDDLE OF THE "BUSIEST SHOPPING PROFITABLE SEASON OF THE YEAR" ~ NBC NEWS STORY OF THEIR HACK MY NEXT POST ~ shhhhhhhhh....mums the word

January 11 2014 at 6:43 PM Report abuse +1 rate up rate down Reply
cvwaller36

Target is a French "Muslim" company-think this could be terroisium?

January 11 2014 at 7:37 AM Report abuse -3 rate up rate down Reply
YourFtr

Notice on the original issued SS cards...they were not to be used for identification.
This was so nobody could steal your id....
However stores wanted to determine your worth automatically; by accessing your tax data; so that they could give you 'instant credit'. So the government allowed it for commerce....
So; to get 'instant credit' you risk 'instant ID Theft'.....

January 11 2014 at 1:44 AM Report abuse +2 rate up rate down Reply
frank1946

A Sign of Things to Come !

Back to Cash ?

Or Barter ?

January 11 2014 at 12:30 AM Report abuse +1 rate up rate down Reply
kafienkarl

The private sector screws uo big time? Wow who would have thought. Here I've told the government is at fault for everything.

January 10 2014 at 11:59 PM Report abuse rate up rate down Reply
H

40 Million, 70 Million, 110 Million what will it be next week?

When this breach first hit the news I immediately (on 12/30/13) filed a BBB complaint saying that Tarbutt had a responsibility to provide ALL who shopped at their stores during the affected period with FREE credit monitoring services.

All I got back from the Better Cover Up Bureau was a form letter saying that Targets reply, directing me to their generic statement, was the reply and closing the complaint.

Tarbutt is a dues paying member of the Better Cover Up Bureau so you can't expect much from that bunch of chuckleheads. I guess that enough consumers were pissed off enough to insist that they get FREE credit monitoring services.

Of course experience shows that any contact site for them will involve hours of attempts to reach it and it will be about as easy to sign up for as 'Obama Care'.


The Target 'Data Breach' is now 70 Million
Here is an extract of what Tarbutt had to say:

Target Provides Update on Data Breach

"Company extends credit monitoring and identity theft protection to all guests.

the investigation has determined that the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals. . . Target is offering one year of free credit monitoring and identity theft protection to all guests who shopped our U.S. stores. Guests will have three months to enroll in the program. Additional details will be shared next week. To learn more, please go to target.com/databreach."

Keep up with Tarbutt at: http://targetfiling.blogspot.com/ and also see: http://targetstoressucks.blogspot.com/

January 10 2014 at 11:11 PM Report abuse rate up rate down Reply