Target says data breach actually affected 70 million customers, including online shoppers

by Staff and Wire Reports, Chicago Tribune

Target_StoreTarget customers whose information — name, addresses, phone numbers and email addresses — was stolen need not have shopped at the retailer’s stores during the busy holiday shopping season, a spokeswoman confirmed. The information, said Target spokeswoman Molly Snyder, was collected during the “course of normal business,” and could include online shopping.

This latest disclosure by the Minneapolis-based retailer that hackers made away with the data of 70 million additional Target customers shows that the data breach late last year was far larger and broader than previously thought.

Target initially said Dec. 19 that debit and credit card information for 40 million customers was pilfered during the busy holiday shopping season between Nov. 27 and Dec. 15. About a week later, the retailer also reported that the hackers had accessed “strongly encrypted” personal identification numbers when they tapped into the retailer’s systems.

The retailer said the theft of the information from up to 110 million customers was not a new breach but was uncovered as part of the ongoing investigation into the theft of millions of customers’ credit and debit card information.

“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” said Gregg Steinhafel, Target’s chief executive said. “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.”

The retailer is offering one year of free credit monitoring and identity theft protection to all affected customers who shopped at U.S. stores. Customers will have three months to enroll, Target said in a statement.

Target on Friday lowered its earnings expectations for the last three months of 2013, adjusting for the expected sales decline in the wake of the issue, which came weeks before Christmas.

To learn more on the breach, go to target.com/databreach.

New York Attorney General Eric Schneiderman said on Friday that state attorneys general from around the country are banding together to probe the breach.