d*w
发帖数: 384 | 1 Target stores' customers hit by major credit card attack
Reuters
(Reuters) - Payment card data was stolen from an unknown number of Target
Corp customers starting on the busy Black Friday weekend in a major breach
at the U.S. retailer, according to a person familiar with the matter.
The Secret Service is investigating, according to a spokesman for the agency
, which safeguards the nation's payment systems. Target officials did not
respond to requests for comment.
Investigators believe the data was obtained via software installed on
machines that customers use to swipe magnetic strips on their cards when
paying for merchandise at Target stores, according to the person who was not
authorized to discuss the matter and declined to provide further details.
Krebs on Security, a closely watched security industry blog that broke the
news, said the breach involved nearly all of Target's 1,797 stores in the
United States, citing sources at two credit card issuers. The report said
that "track data" from at least 1 million payment cards was thought to have
been stolen before Target uncovered the operation, but that the number could
be significantly higher.
"When all is said and done, this one will put its mark up there with some of
the largest retail breaches to date," the report cited an unnamed source as
saying.
The biggest credit card breach at a U.S. retailer reported to date was an
attack against TJX Cos, the parent of TJ Maxx and Marshalls. The company
disclosed in March 2007 that data from 45.7 million payment cards had been
stolen by hackers over 18 months. Banks later asserted in court documents
the hackers could have obtained more than 94 million account numbers.
The data breach at Target could have extended from just after Thanksgiving
to December 15, Krebs said, citing evidence from investigators.
It is not yet clear how the attackers were able to compromise point-of-sales
terminals at so many Target stores across the country. Doing so would have
required careful planning by sophisticated cyber criminals.
An American Express spokeswoman said the company is aware of the incident
and is putting fraud controls in place.
Representatives for Visa and MasterCard declined to comment.
There are no indications that the theft affected shoppers on Target's
website, Krebs reported.
(Reporting by Jim Finkle in Boston and Jennifer Saba in New York; additional
reporting by Aman Shah in Bangalore; Editing by David Gregori, Andre Grenon
and Phil Berlowitz) |
|
