Significantly higher than the 40 million customers originally thought compromised
US online retailer Target has disclosed that as many as 70 million of its customers may have been hit in the massive data breach it experience in December,
This is a significant rise from the company’s original estimate that the details of around 40 million credit and debit cards may have been affected by a data breach that happened between 27 November and 15 December, just as the holiday shopping season was getting into gear. In a statement on its website, the company stated that it now believes that details including the names, mailing addresses, phone numbers or email addresses of customers were also taken.
Too easy a Target?
Where an email address was included, Target is contacting customers with advice including tips to guard against consumer scams, which the company is also posting on its website. It has also reassured customers that they would have ‘zero liability’ for the cost of any fraudulent charges arising from the breach, and is offering one year of free credit monitoring and identity theft protection to all guests who shopped in its US stores
“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” said Gregg Steinhafel, chairman, president and chief executive officer, Target. “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.”
Target’s statement goes on to say that the company is cutting its fourth-quarter adjusted earnings forecast, and expects uptake of its REDcard rewards scheme to fall following news of the data breach.
Are you a security pro? Try our quiz!