Did hackers collect bank PINs during recent Target card data breach?

Target aknowledged last week that credit card and debut card data of 40 million Target customers may have been compromised between November 27 and December 15. The company had said that the hackers may have had access to customer names and card details but not PIN. However, new reports claim that the cybercriminals might have also stolen the encrypted PINs.

Someone familiar to the matter revealed to Reuters that the personal identification numbers were part of the loot of hackers during the 19-day window. Target had earlier denied that unencrypted PINs were compromised but confirmed there were encrypted information stolen from its systems.

"We continue to have no reason to believe that PIN data, whether encrypted or unencrypted, was compromised. And we have not been made aware of any such issue in communications with financial institutions to date. We are very early in an ongoing forensic and criminal investigation," said Target spokesperson Molly Snyder via email, as quoted by the Reuters report.

The retail company is cooperating with the investigations being conducted by the Justice Department and the U.S. Secret Service.

"On the afternoon of December 23, Tim Baer, Target's EVP and General Counsel, hosted a call for attorneys general across the country to discuss the recent data breach that impacted Target guests in the United States. The majority of state offices were in attendance on the call. We felt it was important to proactively bring this group together to provide them with information about the issue and answer their questions as well as those of their constituents, who are our guests," the latest update from the company read.

Target broke the news to the public about the security breach on December 19. Chief Executive Officer Gregg Steinhafel had issued an apology and update the following day.

While the debit cards might physically be with the card holders, thieves can produce duplicates and use these fake cards for fraudulent transactions.

Meanwhile, JPMorgan Chase had lowered its ATM withdrawal cap and store purchases to just $100 and $500, respectively on Dec. 21 for two million debit cardholders. It slightly eased these limits on Monday increasing the withdrawal limits to $250 and purchases to $1,000 as consumers voiced their indignation about the double black eye brought by Target's security breach and bank's imposition of withdrawal and spending limits.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics