Retail chain Target confirmed on Thursday that customers’ personal data was accessed in a massive unauthorized breach between Black Friday weekend and early this week.
“Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013. Target alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts,” Target said in a statement Thursday.
{mosads}Target is working closely with financial institutions and law enforcement, the statement said.
The Secret Service is investigating the breach, a spokesman confirmed to The Hill.
Secret Service officials regularly investigate major hacks that involve credit card information.
Customers’ names, debit and credit card numbers, card expiration dates, and their security codes were involved in the breach, Target warned customers in a notice on its website Thursday.
“We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future,” Target said.
Visa said Thursday it’s aware of the data breach, and wants customers to know they have a policy of zero liability, so that they won’t be charged for suspicious or fraudulent transactions.
Most major card companies offer this policy.
““Visa is aware that Target has disclosed unauthorized access to payment card data affecting all major card brands,” Visa said in a statement. “When such incidents occur, Visa works with the breached entity to provide card issuers with the compromised accounts so they can take steps to protect consumers through fraud monitoring and, if needed, reissuing cards.”
Target operates 1,921 stores, most of which are based in the United States.
— This post was updated at 12:14 p.m.