NEW YORK — With less than a week until Christmas, a Grinch has stolen the credit and debit card information of about 40 million Target shoppers.
Target said anyone who made purchases by swiping cards at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have had their accounts exposed. The stolen data includes customer names, credit and debit card numbers, card expiration dates and the three-digit security codes.
The data breach did not affect online purchases, the company said.
Here are some answers to the most common questions about the theft:
Q: I shopped at Target during that time. What should I do?
A: Check your credit card statements carefully. If you see suspicious charges, report the activity to your credit card companies and call Target at 866-852-8680. You can report cases of identity theft to law enforcement or the Federal Trade Commission.
Q: How did the breach occur?
A: Target isn’t saying how it happened. Industry experts note that companies spend millions of dollars each year on credit card security, making this theft alarming.
Experts disagree about how the breach might have happened.
Avivah Litan, a security analyst with Gartner Research, says given all the security, she believes the breach may have been an inside job.
But thefts of this size are too big to be the work of company employees, said Ken Stasiak, founder and CEO of Secure State. Stasiak said such breaches are generally perpetrated by organized crime or an overseas hacker group.
Breaking news, severe weather alerts, AMBER alerts, sports scores from The Norman Transcript are available as text messages right to your phone or mobile device. You decide which type of alerts you want to receive. Find out more or to signup, click here.