Target confirmed Thursday that previous reports about the unauthorized access of customers' credit card data were true.
In a press release posted on the Target website, the Minneapolis-based retailer admitted that approximately 40 million credit and debit card accounts may have been impacted by the breach.
Affected customers made purchases in U.S. stores from Nov. 27 to Dec. 15, 2013.
Target is currently working with law enforcement and financial institutions to resolve the issue.
“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” Gregg Steinhafel, chairman, president and chief executive officer of Target stated in a press release. “We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”
Here's more from the Associated Press:
Target Corp. advised customers who suspect there has been unauthorized activity on their cards should call them at 866-852-8680.
Target is just the latest retailer to be hit with a data breach problem. TJX Cos., which runs stores such as T.J. Maxx and Marshall's, had a breach that began in July 2005 that exposed at least 45.7 million credit and debit cards to possible fraud. The breach wasn't detected until December 2006. In June 2009 TJX agreed to pay $9.75 million in a settlement with multiple states related to the massive data theft but stressed at the time that it firmly believed it did not violate any consumer protection or data security laws.
Clarification: Language has been amended to clarify that affected purchases occurred between the dates in November and December, and not exclusively on those dates.