Digital Access

Digital Access
Access from all your digital devices and receive breaking news and updates from around the area.

Home Delivery

Home Delivery
Want to make sure you receive the latest local news? We’ve got you covered! Get the best in local news, sports, community events, with focus on what’s coming up for the weekend. Weekly mail subscription offers

Text Alerts

Text Alerts
Choose your news! Select the text alerts you want to receive: breaking news, prep sports, weather, and more. Text alerts are a free service from Kane County Chronicle, but text rates may apply.

Email Newsletters

Email Newsletters
Sign up for free email alerts. We'll deliver news & updates to your inbox.

Target says data security breach might affect 40 million cards

NEW YORK – Target Corp., the second-largest U.S. discount chain, said Thursday that data for about 40 million debit and credit cards may have been wrongfully accessed in recent weeks and that law enforcement is investigating the matter.

The data was breached between Nov. 27 and Dec. 15, the Minneapolis-based company said in statement. Target said it alerted authorities and financial institutions immediately and has now identified and resolved the issue. The Secret Service said Wednesday that it was probing the incident, and the company said it's working closely with law enforcement to bring those responsible to justice.

Target has locations in Batavia, St. Charles and South Elgin.

Target's challenges come as U.S. retailers gear up for the end of the holiday shopping season, which ShopperTrak predicts will be the slowest since 2009. The last thing Target needs right now as rivals pour on the discounts in a last-ditch grab for market share is for its customers to wonder if they should use their cards, said Ken Perkins, an analyst for Morningstar Inc. in Chicago.

"The timing could be a concern, especially only a few days before Christmas," he said in an interview.

The breach came after the chain had already cut its annual forecast for same-store sales growth to 1 percent from as much as 2.5 percent in August. Doubts about its security could reduce purchases and the number of people signing up for a REDcard, its in-house credit and debit cards, Perkins said. Those card holders are the retailer's biggest spenders, he said.

"The longer-term risk is that people remember this who were going to sign up for a REDcard and don't," Perkins said.

Online shoppers at might be spooked too, given that a link across the top of the site Thursday read: "important notice: unauthorized access to payment card data in U.S. stores."

"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence," Gregg Steinhafel, chief executive officer of Target, said in the statement.

Brian Leary, a spokesman for the Secret Service in Washington, confirmed the agency is probing the matter while declining to comment further because the investigation is under way.

While the agency is best known for protecting the president, it was created in 1865 to fight currency counterfeiting. That role was expanded over the years to include certain kinds of fraud, including identity theft, electronic crime and computer intrusion. The service was part of the U.S. Treasury until 2003, when it was one of the agencies brought into the newly-created Department of Homeland Security.

Data breaches have hit other retailers. TJX Cos., owner of the T.J. Maxx and HomeGoods chains, reported in 2007 that hackers broke into its computer system and stole about 45.7 million credit- and debit-card numbers. The theft set a record at the time for such breaches.

In July, four Russians and a Ukrainian were charged in what prosecutors called the largest hacking scheme in U.S. history, a break-in to computers of retail chains that included 7-Eleven, Carrefour and Wet Seal.

KrebsOnSecurity, a blog written by Brian Krebs, a former Washington Post reporter, first reported that Target was investigating a breach potentially involving millions of customer card records, citing sources at two credit-card issuers.

The site also reported that Target customers had already been victimized. Molly Snyder, a spokeswoman for Target, declined to comment, citing the investigation. She also wouldn't comment on when Target first learned of the breach and where it took place in the transaction process.

Loading more