New York, NYThe computer virus that hit Target just before Christmas, appears to have affected more people than originally thought. The virus resulted in a data breach of names, home and e-mail addresses for as many as 70 million people, more than the original 40 million stated in December, although it’s believed there may be overlap between the two groups of account data.
According to a report by
Bloomberg.com, the breach occurred when a computer virus infected Target’s point-of-sale terminals where shoppers swipe a credit or debit card to make a purchase. The breach affected many types of credit and debit cards used at the stores, not just Target-branded cards. According to a statement issued by Target, the so-called track data was stolen in real time as payment cards were swiped in its stores between November 27, the day before Thanksgiving, and December 15.
READ MORE Internet Privacy LEGAL NEWS
Target is already facing nearly two dozen lawsuits claiming the company failed to properly safeguard customer’s information. Among them is a
data breach class action lawsuit filed by Lisa Purcell of California that states “ Investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores.” And “The thieves may also have accessed PIN numbers for affected customers’ debit cards, allowing the thieves to withdraw money from those customers’ bank accounts. Thieves could not have accessed this information and installed the software on Target’s point-of-sale machines but for Target’s negligence, and that Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach.”
The US Secret Service said it is investigating the breach, along with two states’ attorneys general.