Target offered a 10 percent discount to shoppers this weekend as an apology for a security breach that exposed 40 million credit and debit card numbers. But the reduction was only available in stores, and not on the Internet.
Holiday news for Target shoppers got even gloomier with reports that credit card information stolen from 40 million accounts has now infiltrated the global black market.
The credit and debit card numbers were selling in batches of 1 million cards, for as little as $ 20 to a high of $ 100 per card, according to KrebsOnSecurity, a website run by cyber-security reporter Brian Krebs.
Target, America’s No. 2 general merchandise company, was forced to admit Thursday that hackers had breached the retail giant’s computer system and stolen the credit and debit card numbers of 40 million shoppers who had purchased items from Black Friday to Dec. 15.
Chief Executive Gregg Steinhafel issued a statement apologizing for the fiasco and said customers will receive a 10% discount on all purchases made this weekend. But the offer did not apply to web shoppers.
“We recognize this has been confusing and disruptive during an already busy holiday season,” he said .
That comment did not appease state attorneys general in four states – New York, Massachusetts, Connecticut and South Dakota – who demanded more information about the security snafu.
Also not pleased were shoppers, who vented their frustration on social media and in class-action lawsuits.
Target waited until Thursday to confirm that 40 million credit card accounts were exposed to hackers from Black Friday until last week. The data has already infiltrated the black market.
In California, a few hours after Target acknowledged the huge breach, Jennifer Kirk filed a suit in San Francisco federal court, accusing the massive retailer of negligence and invasion of privacy.
“Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” the complaint reads.
A similar lawsuit was filed in Orange County, Calif.
Both echoed customer complaints heard across the country – that hackers could use the stolen card numbers to do everything from charging merchandise to taking out a loan, and that constant financial diligence will now be required of millions who did holiday shopping at Target this year.
The retailer has not explained how the security breakdown happened. Online sales were not affected by the breach, Target officials said.
The company has pledged that customers will not be responsible for paying any fraudulent charges applied to their accounts.
With News Wire Services