Target Targeted for Big Data Theft

more+
less-

Over the course of 19 days, beginning on the day before Thanksgiving, hackers obtained personally identifiable information, including credit card numbers and security codes, from 40 million shoppers at some 1,800 Target stores in the United States. It was one of the largest, speediest and most sophisticated retail-data thefts ever.

The largest retail data theft was in 2007 at T.J. Maxx and Marshalls (both are owned by The TJX Companies, Inc.). It involved the theft of data from 90 million credit cards over the course of 18 months. The thieves obtained the data by hacking into the company's back-office computer system. In contrast, investigators believe the Target thieves used a technique called "skimming," which required them to implant a small chip or software application into the credit-and debit-card magnetic stripe readers attached to each store's cash registers. Who implanted the chips or software — and how they did it — are the big questions facing investigators.

Over the weekend, Target offered its customers a 10% discount in its U.S. stores and free credit monitoring to at-risk customers. That was not nearly enough to keep everyone happy. Target customers already have filed nationwide class-action lawsuits against the company.  State attorneys general are investigating Target to determine when Target realized there was a security issue and how quickly it responded. JPMorgan Chase announced that customers who used its debit cards during the breach period would be limited to daily withdrawals of $100 and daily purchases of $300.

The incident highlights the importance of using physical safeguards to protect customers' personally identifiable information against theft.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Thomson Reuters Compliance Learning | Attorney Advertising

Written by:

more+
less-

Thomson Reuters Compliance Learning on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×
Loading...
×
×