Target Store logo

Target's Woes Get Worse

By R. Alan Clanton | published Saturday, January 11, 2014 |
Thursday Review editor

Last month’s retail security breach at Target was so bad it didn’t seem possible that it could get worse. But it did.

Friday morning Target announced that the actual number of people affected by the hacking—which was originally believed to have begun on Black Friday and continued through December 15, 2013—could reach to over 110 million. And to make matters worse, some of the information stolen by the hackers could include data of people who have never shopped at Target.

Investigators now believe that the hacking took place over a much wider span of time than originally thought, and the data now believed to have fallen into the hands of criminals can include any or all of the following: email addresses, phone numbers, home addresses, birth dates, social security numbers and even PINs.

The FBI and a variety of security experts now warn that millions of Americans are now at risk for not just credit or debit card fraud, but also identity theft. Law enforcement and online experts have warned people to be wary of emails designed to look like official emails from Target, from banks or credit unions, or from retailers or manufacturers whose products or services overlap with Target (Starbucks, for example), emails crafted to extract or confirm certain forms of data—a process known as phishing.

Target—which operates nearly two thousand stores in the U.S. and Canada—again apologized for the severe inconvenience that the security breach has caused its customers, and said that it would immediately begin offering free credit monitoring for all its U.S. customers.

“I know that it is frustrating for our guests,” said Gregg Steinhafel, Target CEO and president, in a statement released Friday, “to learn that this information was taken, and we are truly sorry they are having to endure this.”

After the first announcement of the pre-Christmas hacking, Target saw sales drop significantly as customers became wary of shopping at Target stores. During the holiday period Target even offered discounts for merchandise storewide in an effort to keep sales from sagging, but overall sales for Target were 4 percent lower than the year before, and 5 percent lower than the store’s own expectations for the Christmas sales period.

Target’s stock prices closed out this past week slightly lower, but some market analysts expect the value to fall further as news of the larger security breach scares off more shoppers in January and February.

In a potentially related development, high-end retailer Neiman Marcus revealed this week that their credit card operations had also been hacked during December. Neiman Marcus spokespersons said that they became aware of the breach when the company that handles their credit card transactions discovered the cyber-attack late last month, prompting some consumer advocate groups to question why Neiman Marcus did not annouce the security breach sooner.

Like the Target attack, customers who shopped at Neiman Marcus during the affected period may have had much of their credit card and debit card information stolen by the hackers, and store spokesmen said that some fraudulent purchases and transactions had already taken place using the stolen information.