Target data breach: What you should know

Target announced Thursday that it had suffered a massive data breach that affected at least 40 million of the customers who visited its stores during the height of the holiday shopping season. The company says that it has resolved the problem and that its systems are now secure. But for those who may have been affected by the breach, here’s what you need to know.

Q: What was taken?

Video

Target says 40 million customer credit cards may have been compromised during the holiday shopping period in one of the largest credit card breaches at a U.S. retailer.

Target says 40 million customer credit cards may have been compromised during the holiday shopping period in one of the largest credit card breaches at a U.S. retailer.

More business news

Yellen says full economic recovery could take hold by 2016

Yellen says full economic recovery could take hold by 2016

Other financial news from the week includes China’s 7.4% growth rate, which represents a 24-year low.

Barry Ritholtz: What’s gone up won’t always come down

Barry Ritholtz: What’s gone up won’t always come down

You might think that after last year’s strong gains, the markets might be due for a breather, but . . .

As medical providers consolidate, questions about effects on costs, quality of care

As medical providers consolidate, questions about effects on costs, quality of care

A costly legal fight is pushing back against the merger mania gripping the U.S. medical system.

More business news

A: The retailer said customer names, debit or credit card numbers and card expiration dates were taken, along with the three-digit security codes often imprinted on the backs of cards, known as CVVs. The attack affects shoppers who visited Target stores between Nov. 27 and Dec. 15.

Q: Does this affect only people using Target-issued credit cards?

A: No, customers who used any credit or debit card could be affected.

Q: Wait, what if I purchased something from Target online?

A: Target has said that the attack only affected shoppers who were in stores, not those who visited the Web site.

Q: What should I do if I’m at risk?

A: First, check to see if there are any strange charges on your credit card. Keep an eye on your transactions for a long time, as hackers who take big swaths of data like this are looking to sell them to criminals, meaning your information could stay on the marketplace for awhile.

Debit card users may also want to take the extra precaution of calling their banks to get their PIN numbers changed, said JD Sherry, vice president of technology and solutions for the security firm Trend Micro. Target has said there is no indication that PIN numbers were also taken in the attack, but it may be a precaution worth taking for all debit card users, he said.

Q: Okay, there’s some fishy activity. What should I do now?

A: If there are charges you didn’t make, report them to your bank or credit card company immediately. The sooner you’re able to flag bad transactions, the better — people aren’t liable for fraudulent transactions made in their names. Representatives from Visa, American Express, Chase and Bank of America have all told The Washington Post that they are aware of the breach and are on alert to head off fraudulent transactions.

Target has also set up a hotline for those who think they may have been affected by the breach. Target customers who have noticed irregular activity on their accounts should call 1-866-852-8680.

In a note to customers on its corporate site, the company also advises Maryland residents that they can contact the state attorney general’s office for information on identity theft.

Q: How can I protect myself in the future?

A: This was an attack on Target’s internal systems, so it’s hard for consumers to take steps to protect themselves from this kind of theft in the future. It’s always a good idea to keep an eye on your bank account for unusual charges and to report those immediately.

 
Read what others are saying