You must have heard this story.
Perhaps 40 million in-store customers have had their credit card information compromised.
Apparently, some software was added to the Target computer systems that passed this information to outsiders.
The information included name, credit card number, expiration date, and the CVV code (that’s the three or four digit number printed on your credit card that many people must key-in for online transactions). All of this information is encoded on the magnetic stripe on your credit card and can easily be obtained by hackers when your credit card is swiped!
I’ve talked before about inexpensive devices that can quickly read and store the information on your credit card. The Target credit card breach is different. The entire Target point-of-sale system was breached by hackers and, apparently, the entire Target data system was hacked. Any credit card read at a local store was transmitted to the outside hackers.
This is important (and perhaps boring). When a typical store swipes (reads) a credit card, that credit card information goes to the cash register system which encrypts the information before sending it to a credit card processor for authorization.
Most older systems read the credit card number and send that number to a terminal that encrypts that number at the terminal. So, if you had a little mouse (or software) within that terminal, it sees all of your credit card information.
Newer terminals now encrypt credit card numbers as they are read and prior to reaching the point-of-sale terminal. These numbers are unlikely to be stolen.
pcAmerica makes such credit card readers available. The problem is that not all credit card processors can accept encrypted data prior to reaching the terminal.
40 million cards being compromised is a big thing. Read more about it by searching Google for Target Credit Card Breach.
Here is Target’s statement related to the breach:
“We wanted to make you aware of unauthorized access to Target payment card data. The unauthorized access may impact guests who made credit or debit card purchases in our U.S. stores from Nov. 27 to Dec. 15, 2013. Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause. The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly to resolve the incident.”
Target claims to have fixed the problem. As of the writing of this newsletter, the cause of the problem is unknown. Rumors are that hackers got into the Target data centers and changed the software on the point-of-sale terminals to transmit unencrypted data that could be delivered to the hackers. With this data, fake credit cards could be made.
We are talking about 40 million credit cards which would make this the biggest credit card theft ever.