Target Corp.'s holiday data breach was bigger than the company had previously said, penetrating more systems and compromising a new set of personal information affecting up to 70 million people.
The operator of nearly 1,800 U.S. stores said the data included a mix of names, mailing addresses, phone numbers and email addresses—information that is semipublic but which law-enforcement officials said is valued by thieves who could use it to lure victims with fake emails or hack into other accounts.
Target said the information was stored separately from the 40 million credit and debit card accounts that the company had previously said were affected. There was some overlap between the two sets of stolen data, but Target didn't say how extensive it was. The entry point for the attack has been identified and closed, spokeswoman Molly Snyder said.
Late Friday, luxury retailer Neiman Marcus Inc. said it too was the victim of a suspected cyberattack over the holidays in which some of its customers credit-card information may have been stolen.
The U.S. Secret Service, which often handles credit-card fraud, is investigating the matter, a Neiman Marcus spokeswoman said. It is unclear how many customers may have been affected. Krebs on Security, a computer security blog, reported the Neiman Marcus breach earlier.
The back-to-back disclosures by two household names are likely to heighten shoppers' concerns about the security of their personal and financial data.Read the rest of the story HERE.
The new batch of information compromised in Target’s data breach isn’t as sensitive as financial details, but it could make you an easier target for thieves. The retailer said up to 70 million people’s names, phone numbers or email addresses had been stolen, in a disclosure that widened the scope of the holiday-season hack that also compromised 40 million credit and debit card accounts. Here’s why you need to be on the lookout.
My email is already semi-public. Is this really a problem?
Yes. Avivah Litan, a Gartner security analyst, said the personal information stolen is “very valuable” for frauds in which criminals call or email victims with pitches designed to reflect their actual circumstances to trick them into providing more valuable information, such as a Social Security number or driver’s license. Fraudsters generally combine information stolen from a variety of breaches to create a fuller picture of potential victims, she said. “The criminals are collecting as much as they can from everyone,” Ms. Litan said.
Are there other uses for the data?
Yes. Personal data also is useful for fraudulent online shopping, where a criminal would need a name, address or phone number to complete an online form.
What should I do?
The Federal Trade Commission’s Bureau of Consumer Protection warned after the Target breach that consumers should watch out for phony “Target” emails that pretend to offer help but in fact are attempts to steal information. Fraudsters have gotten very good at making these emails look real, experts warn.Read the rest of this article HERE.
If you like what you see, please "Like" us on Facebook either here or here. Please follow us on Twitter here.
No comments:
Post a Comment