Monday, March 10, 2014
By Anne D’innocenzio And Bree Fowler
The Associated Press
(Continued from page 1)
Shoppers leave a retail Target on Thursday in Hackensack, N.J. Target says that about 40 million credit and debit card accounts customers may have been affected by a data breach that occurred at its U.S. stores between Nov. 27 and Dec. 15.
The Associated Press/ Northjersey.com, Amy Newman
Given the millions of dollars that companies such as Target spend implementing credit-card security measures each year, Avivah Litan, a security analyst with Gartner Research, said she believes the theft may have been an inside job.
"The fact this breach can happen with all of their security in place is really alarming," Litan said.
Other experts theorize that Target's network was hacked and infiltrated from the outside.
Target, which has almost 1,800 stores in the U.S. and 124 in Canada, said it immediately told authorities and financial institutions once it became aware of the breach on Dec. 15. The company is teaming with a third-party forensics firm to investigate and prevent future problems.
Data breaches tied to credit card fraud are on the rise, according to Javelin Strategy & Research, a San Francisco-based financial services firm.
According to a report by the firm, nearly 16 million consumers were notified that their card information was compromised in 2012, while the number of victims of fraud increased more than threefold from 2010 to 2012. That resulted in $4.8 billion in fraud losses.
Al Pascual, a senior analyst of security risk and fraud at Javelin, noted that 28 percent of customers who are notified that their cards were breached typically suffer fraud in the same year.
"This is going to spawn credit card fraud," he said.
Target's credit card breach poses a serious problem and threatens to scare away shoppers who worry about the safety of their personal data.
"This is close to the worst time to have it happen," said Jeremy Robinson-Leon, a principal at Group Gordon, a corporate and crisis public relations firm. "If I am a Target customer, I think I would be much more likely to go to a competitor over the next few days, rather than risk the potential to have my information be compromised."
Target advised customers Thursday to check their statements carefully. Those who see suspicious charges should report them to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.
The incident is particularly troublesome for Target because it has used its store-branded credit and debit cards as a marketing tool to attract shoppers with a 5 percent discount.
During an earnings call in November, the company said some 20 percent of store customers as of October have the Target-branded cards. In fact, households that activate a Target-branded card have increased their spending at the store by about 50 percent on average, the company said.
Shares in Target Corp. rose 34 cents to $62.49 on Friday.