Hey there, time traveller!
This article was published 20/12/2013 (1157 days ago), so information in it may no longer be current.
NEW YORK -- Potential victims of credit card fraud tied to Target's security breach said they had trouble contacting the discounter through its website and call centres.
Angry Target customers expressed their displeasure in comments on the company's Facebook page. Some even threatened to stop shopping at the store.
Target CEO Gregg Steinhafel apologized through a statement issued Friday. The retailer also said it's working hard to resolve the problem and is adding more workers to field calls and help solve website issues. And the discounter began offering 10 per cent off for customers who shop on Saturday and Sunday and free credit-monitoring services to those affected by the issue.
The Minneapolis-based discounter said while it's only heard of "very few" reports of fraud, it's reaching out to customers who made purchases by swiping their cards when the scam occurred. The company also said it's continuing its investigation into the matter.
"We take this crime seriously," Steinhafel said in the statement.
Target's statements come after the nation's second-largest retailer acknowledged Thursday that data connected to about 40 million credit and debit card accounts were stolen as part of a breach that began over the Thanksgiving weekend. Target has said none of its Canadian stores was involved in the breach.
The theft is the second-largest credit card breach in U.S. history, exceeded only by a scam that began in 2005 involving retailer TJX Cos. That incident affected at least 45.7 million card users.
Target disclosed the theft a day after reports the company was investigating a breach. The retailer's data-security troubles and its ensuing public relations nightmare threaten to drive off holiday shoppers during the company's busiest time of year.
Christopher Browning of Chesterfield, Va. said he was the victim of credit card fraud earlier this week and believes it was tied to a purchase he made at Target with his Visa card on Black Friday. When he called Visa on Thursday, the card issuer could not confirm his suspicions. He said he hasn't been able to get through to Target's call centre.
On Monday, Browning received a call from his bank's anti-fraud unit saying there were two attempts to use his credit card in California -- one at a casino in Tracey, Calif., for $8,000 and the other at a casino in Pacheco, for $3,000. Both occurred on Sunday and both were denied. He cancelled his credit card and plans to use cash.
"I won't shop at Target again until the people behind this theft are caught or the reasons for the breach are identified and fixed," he said.
On Friday, Target reiterated that the stolen data included customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip found on the backs of cards, Target said.
There was no indication the three- or four-digit security numbers visible on the back of the card were affected, Target said. It also said Friday there was no indication the stolen data included a customer's birthdate or social security number. The data breach did not affect online purchases, the company said.
Target also said it didn't believe PIN numbers to customers' debit cards have been compromised. That means someone cannot visit an ATM with a fraudulent card and withdraw cash, it said.
Target hasn't disclosed exactly how the breach occurred but said it has fixed the problem.
Given the millions of dollars companies such as Target spend implementing credit card security measures each year, Avivah Litan, a security analyst with Gartner Research, said she believes the theft may have been an inside job.
"The fact this breach can happen with all of their security in place is really alarming," Litan said.
Other experts theorize Target's network was hacked and infiltrated from the outside.
Target, which has almost 1,800 stores in the U.S. and 124 in Canada, said it immediately told authorities and financial institutions once it became aware of the breach on Dec. 15.
-- The Associated Press