Criminal hackers have stolen credit card information records for 40 million Target store customers. Hackers stole customer names, credit or debit card numbers, expiration dates and three-digit security codes for 40 million customers of Target stores between Nov. 27 to Dec. 15. According to a person involved in the inquiry, the company is currently working with a forensic team from Verizon to investigate the breach.
The dates when Target was hit are complicating matters. During the holiday shopping season, fraud detection systems have a difficult time distinguishing between legitimate transactions and fake ones. Paul Kocher, president of Cryptography Research, a company that develops technologies to prevent fraud, said, ““This is the perfect storm” for vulnerability to hackers. There has been no information released about who was behind the attack, how they got in, or what Target’s total cost may be.
While the theft was hardly the worst security breach among big retailers in recent years, security experts say the hacking of Target’s customer information is a reminder of the security problems facing many retailers. A similar break-in in 2007 at T. J. Maxx resulted in 90 million customers having their data stolen. In 2009, a breach of Heartland Payment Systems, a card processor, resulted in 130 million stolen card numbers, the biggest on record.
Even if Target had installed the most cutting-edge security, security experts said it would not be surprising if hackers found a way in. Steven M. Elefant, a managing director of Soaring Ventures, said, “It’s a game of cat and mouse. We’re dealing with sophisticated bad guys that have many ways to attack.” Weaknesses in the way payment information travels between retailers and banks can easily be exploited by determined criminals and these crimes can net criminals plenty of money on the black market when they sell stolen credit card numbers.
Stolen credit card numbers can go for as little as a quarter or as much as $45 each on the black market. So far, American companies have resisted the adoption of smart-chip cards, a type of credit card that provides better security. The United States accounts for more than 47 percent of global credit card fraud, while generating only 24 percent of card spending. Smart-chip cards are widely used in Europe and more than 80 countries around the world use chip technology.