Thursday
April
24
2014
5:05 pm
Weather
  Home
  Local News
  State / National / World
  Sports
  Opinion / Letters
  Business
  Arts / Entertainment
  Lifestyle
  Obituaries
  Calendar
  Submit Event
  Comics / Games
  Classifieds
  DJ Designers
  Archives
  Advertise With Us
  About Us
 
 
 
 

Check out our archive of Dining Guides - Yum!

Target: Customers’ encrypted PINs were stolen
December 28, 2013, 05:00 AM By Mae Anderson and Barbara

ATLANTA — Target said Friday that debit-card PINs were among the financial information stolen from millions of customers who shopped at the retailer earlier this month.

The company said the stolen personal identification numbers, which customers type into keypads to make secure transactions, were encrypted and that this strongly reduces risk to customers. In addition to the encrypted PINs, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the cards were stolen from about 40 million credit and debit cards used at Target stores between Nov. 27 and Dec. 15.

Security experts say it’s the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

“We remain confident that PIN numbers are safe and secure,” spokeswoman Molly Snyder said in an emailed statement Friday. “The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.”

However, Gartner security analyst Avivah Litan said Friday that the PINs for the affected cards are vulnerable and people should change their codes since such data has been decrypted, or unlocked, before. In 2009 computer hacker Albert Gonzalez pleaded guilty to conspiracy, wire fraud and other charges after masterminding debit and credit card breaches in 2005 that targeted retailers such as T.J. Maxx, Barnes & Noble and OfficeMax. Gonzalez’s group was able to unlock encrypted data. Litan said changes have been made since then to make decrypting more difficult but “nothing is infallible.”

“It’s not impossible, not unprecedented (and) has been done before,” she said.

Besides changing your PIN, Litan says shoppers should instead opt to use their signature to approve transactions because it is safer. Still, she said Target did “as much as could be reasonably expected” in this case.

“It’s a leaky system to begin with,” she said.

Credit card companies in the U.S. plan to replace magnetic strips with digital chips by the fall of 2015, a system already common in Europe and other countries that makes data theft more difficult.

Minneapolis-based Target Corp. said it is still in the early stages of investigating the breach. It has been working with the Secret Service and the Department of Justice.

 

 

Tags: encrypted, credit, debit, target, litan, cards,


Other stories from today:

Federal judge rules NSA phone surveillance legal
Target: Customers’ encrypted PINs were stolen
More than 1 million losing unemployment benefits Saturday
 

 
Print this Page Print this Page  |  Bookmark and Share
<< Back
 
Return To Archives
 
  


 
 
 
Daily Journal Quick Poll
 
Do you support a land swap between the city of San Carlos and the elementary school district so the Charter Learning Center could be built on North Crestview?

Yes
No
Not sure

 

 
Tabbed Structure - Regular
 
 
 
 
 
Light showers, possible hail arriving tonight
Bay Area residents should expect rainy weather to arrive tonight and continue through the weekend, b..
Israel halts peace talks with Palestinians
JERUSALEM — Israel broke off Mideast peace talks and brought the U.S.-brokered process to the brin..
Paul McCartney to close Candlestick Park with farewell concert in August
Music legend Paul McCartney will perform the final concert at San Francisco's soon-to-be-demolished ..
FDA proposes first regulations for e-cigarettes
WASHINGTON — The federal government wants to ban sales of electronic cigarettes to minors and requ..
Man, 84, arrested for shooting at Daly City medical facility
Police in Daly City have arrested an 84-year-old man in connection with a shooting at a medical cent..
More >>  
 
 
  
 
  
 
©2014 San Mateo Daily Journal
San Mateo County name change notice