Following news it was investigating a data breach, US retail giant Target has announced that 40m cards may have been compromised.

The announcement that credit and debit card accounts may have been affected over the two weeks following Black Friday has prompted an enquiry by the US Secret Service.

Commenting on the breach, Gregg Steinhafel, Target chairman, president and chief executive officer, said: "We take this matter very seriously and are working with law enforcement to bring those responsible to justice."

The breach is said to have entailed the theft of data from the magnetic stripes of cards used by customers at the retailer’s stores

Data retrieved this way can be used to produce counterfeit cards, says Brian Krebs, a security blogger who first reported the breach by citing sources at two major US credit card issuers.

Krebs commented: "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs."

With the estimated timeframe for the breach expanding, an anti-fraud analyst at one of the US’s top bank card issuers is reported to have commented that although it is impossible to say for sure whether all Target’s outlets were affected, there is evidence of customers all over the US being involved.


Related articles:

Target probing potential credit, debit card data breach

Chase issues data breach warning to prepaid customers

Credit card details leaked in Western Europe’s ‘largest breach’ in last three years