US retailer Target has been hit by a huge security breach, with credit card data from up to 40 million customers being stolen at the height of the festive shopping season.
Information including customer names, credit or debit card numbers, card expiration dates and CVV three-digit security codes was stolen in the period between November 27th and December 15th, which included Black Friday, the biggest shopping day of the year. Only shoppers in physical stores were targeted, with web-based transactions remaining unaffected.
The theft from Target, the world’s 11th biggest retailer, is one of the largest data security breaches in the retail industry since 2007 when discount chain TJX Companies, owner of TJ Maxx in the US and TK Maxx in the UK, fell victim to fraudsters.
Target, has warned customers on its website that they should “remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports”.
According to security analysts, store check outs have increasingly become targets for cybercriminals in recent years.
John Kindervag, a principal analyst with Forrester Research, claimed: “This is a breach that should have never happened,” adding that the fact CVV codes were stolen suggests the company was storing them, something banned by card brands:
“Clearly by exposing CVV information Target has demonstrated a blatant disregard for . . . compliance regulations as well as card security best practices.”
Mark Rasch, a former U.S. prosecutor of cybercrimes commented:
“Most of these attacks are just a cost of doing business. But an attack that’s targeted against a major retailer during the peak of the Christmas season is much more than that because it undermines confidence.”
Barclays has signed contracts with six of the fintech startups that just graduated from its second New York accelerator programme.
Company card killer Pleo has raised $3m in new funding as it prepares for public launch in the UK and Denmark.
Cheques are become less and less common in the UK according to new research from global market research firm Mintel which claims contactless card use has overtaken cheque payments in the UK for the first time.
Payments for digital and physical goods made mobile operating system-based payments platforms like Apple Pay and Android Pay are expected to boom in the next few years according to new analysis from Juniper.