Target: Customers' encrypted PINs were stolen

by Retail Writer Mae Anderson Technology Writer Barbara Ortutay

alt

Target says that about 40 million credit and debit card accounts customers may have been affected by a data breach that occurred at its U.S. stores between Nov. 27, 2013, and Dec. 15, 2013. (AP Photo/Charles Rex Arbogast, File)


ATLANTA (AP) — Target said Friday that debit-card PIN numbers were among the financial information stolen from millions of customers who shopped at the retailer earlier this month.

The company said the stolen personal identification numbers, which customers type in to keypads to make secure transactions, were encrypted and that this strongly reduces risk to customers. In addition to the encrypted PINs, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the cards were stolen from about 40 million credit and debit cards used at Target between Nov. 27 and Dec. 15.

Security experts say it's the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

Target said it doesn't have access to nor does it store the encryption key within its system, and the PIN information can only be decrypted when it is received by the retailer's external, independent payment processor.

"We remain confident that PIN numbers are safe and secure," spokeswoman Molly Snyder said in an emailed statement Friday. "The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems." The company maintains that the "key" necessary to decrypt that data never existed within Target's system and could not have been taken during the hack.

However, Gartner security analyst Avivah Litan said Friday that the PINs for the affected cards are not safe and people "should change them at this point."

Minneapolis-based Target said it is still in the early stages of investigating the breach. It has been working with the Secret Service and the Department of Justice.



More Local

Harassed by former city employee

Torment victim challenges Senoia council

For more than two years, Pat Sharp felt like a prisoner in her own home, thanks to the actions of her next door neighbor, Joey Bigler. Bigle ... Read More


Fighting fires was CCFD chief’s dream

“I loved it,” said recently retired Coweta Fire Chief Johnny Teeters. “It was a passion that hit me in the back of the hea ... Read More


Buy One, Give One

Local clinic receives $10,000 grant

Local New York Life agent Warren Budd, with the help of his colleagues, recently secured a $10,000 Community Impact Grant from the company t ... Read More


Regional leaders taking fresh look at TSPLOST

The regional TSPLOST for this region was rejected by voters five years ago, but new legislation has regional leaders looking at options for ... Read More


NTH Turns 150

Historic local newspaper photos sought

The Newnan Times-Herald is asking readers to share stories related to the newspaper’s history as the Times-Herald’s 150th birthd ... Read More

Department of revenue Chief shares info on tax fraud crackdowns

The Georgia Department of Revenue saved Georgia taxpayers over $33 million in fraudulent tax returns in 2014, according to Revenue Commissio ... Read More