Black Friday sales kickoff the holiday shopping frenzy. People are lined up for hours before the stores even open so that they can take advantage of the super sales. This holiday frenzy has become a tradition now and sadly it has also become a target for the; scams, hacks and a full range of cyber crimes. This year was no exception as the news was recently released that Target, one of the major retailers in the USA, was the victim of a massive theft of credit card information. It was announced yesterday that in excess of 1,000,000 (updated to 40 million) credit cards have been compromised through transactions at Targets 1,797 USA based stores. As the experts all now get involved the immediate questions will be; how massive is the credit card info theft, how did it happen and how can it be prevented?
As per the news release the theft started on Black Friday and has apparently run all the way through December 15. While the initial number of cards stolen was quoted as “about a million” it has now been updated to “approximately 40 million”. The largest theft of credit card information occurred back in 2007 at TJX Cos, which is the parent company of TJ Maxx and Marshalls. In that theft over 45 million credit card credentials were stolen oer an 18 month time frame. It is not expected that this will be as bad as that but it truly is too soon to tell. In the current case involving target the theft was discovered after 20 days so hopefully that will help minimize the damage, but let’s not lose the fact that this theft was during the busiest shopping days of the year.
The question that has investigators scurrying around to find the answer to is “How did this happen at so many store simultaneously?” Early reports indicate that the attacked was pointed at the POS, point of sale, terminals. It is believed that the perpetrators were able to load software into the terminals where the customers confidently swipe their credit cards to make their transactions.
With the software secretively loaded into so many stores and so many terminals there is early speculation that the culprits have direct access to the terminals and infrastructure at the store level. This indicates that heavy focus will be put on someone inside the company’s IT department, or possibly the vendor that Target contracts with for the terminals (or maybe both). Hopefully with the Secret Service involved, who is responsible for safeguarding the nations payment systems, will be able to get to the bottom of this quickly. The one positive piece of information at this point is that the Target website and its’ transactions seem to be safe and not compromised at all.
We are constantly being warned about protecting our credit card information, to be careful with online transactions but there is very little we can do to protect ourselves if the stores we are doing business in aren’t careful enough with the level of security they have put in place. But there are some steps we can, and should, take. Take a moment to visit your credit card companies web site and read up on what you should do to protect yourself and you credit information.