The Minneapolis-based Target announced Dec. 19 that some 40 million credit and debit card accounts had been affected by a data breach that happened from Nov. 27 to Dec. 15 — just as the holiday shopping season was getting into gear.
As part of that announcement, the company said customers’ names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards had been stolen.
According to new information gleaned from its investigation with the Secret Service and the Department of Justice, Target said Friday that criminals also took non-credit card related data for some 70 million customers. This is information Target obtained from customers who, among other things, used a call center and offered their phone number or shopped online and provided an email address.
Some overlap exists between the 70 million individuals and the 40 million compromised credit and debit accounts, Target said.
When Target releases a final tally, the theft could become the largest data breach on record for a retailer, surpassing an incident uncovered in 2007 that saw more than 90 million records pilfered from TJX Cos. Inc.
(AP Photo: In this Wednesday, March 11, 2009 file photo, the Chicago skyline is reflected in the exterior of Neiman Marcus on Michigan Avenue in Chicago.)