Target confirmed Friday that "strongly encrypted" personal identification numbers (or PINs) for debit cards were stolen in a massive security breach in stores earlier this month, but assured customers that the PIN numbers themselves are still safe.
"While we previously shared that encrypted data was obtained, this morning through additional forensics work we were able to confirm that strongly encrypted PIN data was removed," the company said in a statement. "We remain confident that PIN numbers are safe and secure. The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems."
See also: Is Target to Blame for Data Breach? Let the Lawsuits Begin
Reuters reported on Tuesday that PINs had been taken as part of the breach, but Target initially denied the claim. "We continue to have no reason to believe that PIN data, whether encrypted or unencrypted, was compromised," a spokesperson said at the time.
Though Target is now admitting some PINs were stolen, it emphasized that the "key" needed to decrypt this sensitive data was not stored on its systems and therefore was not compromised in the breach. Even so, the news will likely be viewed as another black eye for the retailer.
Target first revealed last week that a massive data breach impacted its stores between Nov. 27 and Dec. 15, the busiest shopping period of the year, potentially impacting 40 million credit and debit card accounts. Since then, reports have surfaced that some stolen credit cards are flooding into the black market. Now, lawsuits against the retailer are starting to pile up as well.
Other companies have weathered similar or even worse security breaches in recent years, but Target's brand reputation appears to have taken a hit. YouGov's BrandIndex, which tracks consumer perception based on 5,000 daily interviews online, found that Target's perception dropped more in one day than brands like PlayStation or CitiBank did after revealing similar breaches, and it continued to decline.
Target stock was down about 0.5% on the day following the disclosure about the PIN data.
Image: Alex Wong/Getty
অনলাইনে ছড়িয়ে ছিটিয়ে থাকা কথা গুলোকেই সহজে জানবার সুবিধার জন্য একত্রিত করে আমাদের কথা । এখানে সংগৃহিত কথা গুলোর সত্ব (copyright) সম্পূর্ণভাবে সোর্স সাইটের লেখকের এবং আমাদের কথাতে প্রতিটা কথাতেই সোর্স সাইটের রেফারেন্স লিংক উধৃত আছে ।