Business

Target PIN data stolen during security breach

Friday, December 27, 2013

Target admitted Friday that encrypted debit card PIN data was stolen during the Black Friday weekend security breach.

But company says it is "confident that PIN numbers are safe and secure."

"The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems," Target said in a statement.

The company explained in its statement that the PIN number is encrypted at the keypad, and Target does not have access to the encryption key.

"The PIN information is encrypted within Target's systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the 'key' necessary to decrypt that data has never existed within Target's system and could not have been taken during this incident," Target said in a statement.

Target said data connected to about 40 million credit and debit card accounts were stolen between Nov. 27 and Dec. 15. More than a dozen Target customers have filed federal lawsuits around the country, with some accusing Target of negligence in failing to protect customer data.

Related: 'I shopped at Target. What should I do?'

Target says the company is investigating, but it has not disclosed exactly how the breach occurred. Customers who see suspicious charges on their statements were advised to report them to their credit card companies and call Target at (866) 852-8680.

The Associated Press contributed to this report.

(Copyright ©2014 KABC-TV/DT. All Rights Reserved.)

Get more Business »


Tags:
identity theft, technology, shopping, business
blog comments powered by Disqus
Advertisement