Taget Corp. (TGT) announced on Friday the security breach that compromised personal information of 40 million customers just after Thanksgiving 2013 is much worse than originally reported, with 70 million people actually affected.
In December, the third largest retailer in the US said the security breach allowed hackers to steal encrypted information from 40 million unsuspecting customers’ debit and credit cards.
However, now investigators have uncovered that “the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals.”
Target CEO Gregg Steinhafel said in a press release:
“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this.”
Between November 27 and December 15, 2013 Target says hackers stole not only credit and debit card numbers, but customer names, card expiration dates, and the embedded code on the magnetic strip on the back of cards.
Target — which is based out of Minneapolis, Minnesota — has offered free credit report monitoring and identity theft protection to all its customers, regardless if they shopped at their stores.
If customers want to make use of the offer, they must enroll in the program within the next three months.
“This is going to end up being much larger than 70 million and end up being the largest retail breach in history,” said David Kennedy, a former US Marine Corps cyber-intelligence analyst who runs his own consulting firm, TrustedSec LLC, and has experience investigating retail breaches.
The largest known breach of a US retailer happened in 2007 when T.J. Maxx revealed that information of up to 90 million customers had been stolen over a period of 18 months.
The revelation of the expanded effects of the Target security breach comes in the heels of the release of holiday sales numbers, which didn’t meet expectations for the company.
In general, this was an unsuccessful sales season for retailers. Target in particular lowered its fourth quarter guidance Friday, expecting a comparable store sales decline of 2.5 percent after a previous flat sales forecast.
Compounded with the news of the security breach, Target announced in December that some of its gift cards were not properly activated, leaving customers once again having problems trying to shop at their stores or online.
According to Target less than 0.1 percent of gift cards were affected, though it was not stated how many were sold.
Target also announced that it would be closing eight stores this coming May.
Were you affected by the Target security breach? Let us know in the comments.