Data Breach at Target Exposes 40 Million Credit Cards

Just on the heels of the Adobe data breach we find ourselves in another major compromise of a national brand. Target (Target Brands Inc.) just announced their credit card payment system was breached between November 27 to December 15, 2013. The initial numbers from Target, show 40 million credit and debit cards were exposed. Target released the following statement: “We wanted to make you aware of unauthorized access to Target payment card data. The unauthorized access may impact guests who made credit or debit card purchases in our U.S. stores from Nov. 27 to Dec. 15, 2013. Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause. The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly to resolve the incident.” Not only were the CC numbers gained but all information to make these a premium sale on the blackmarket were obtained. “We have determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV.” According to researchers the cards have already been observed in popular underground forums. The investigation is ongoing but the breach may have occurred anywhere between the POS system to the actual processing center. As these attacks begin to increase, basic security measures should be followed. It can be as simple as a layered defense. At this point all organizations may need to review their security policies and procedures.