Reports have begun to surface that retailing giant Target has been the subject of an enormous data breach. Potentially at risk are "millions" of customer records, including credit and debit card information. The periods at risk are November 29 through December 15, and affects "nearly all" US Target stores, but not the online store.
Retail security analyst site Krebs on Security
claims that "the type of data stolen -- also known as 'track data' -- allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe. If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs."
An anti-fraud analyst at a US bank card issuer quoted by Krebs believes that "the breach window is definitely expanding. We can't say for sure that all stores were impacted, but we do see customers all over the US that were victimized."
Target Brands, MasterCard, and Visa have had no comment on the reports. It is unknown who the parties responsible for the breach are, where in the world they are located, or how the data theft was accomplished.