News

Target confirms PIN data was stolen in breach

Target confirmed Friday that debit card PIN data was stolen in its recent massive breach, reversing its earlier stance that the codes were not part of the hack.

However, the retailer believes the PINs remain “safe and secure.” In a statement, Target(TGTFortune 500) spokeswoman Molly Snyder said the PINs are “strongly encrypted” and were never stored on Target’s systems in plain text.

In other words, from the moment a customer entered a PIN after swiping a debit card, Target’s payment system translated that number into an indecipherable string of code. Target claims that the PINs remained encrypted after they were stolen.

Not only are the PINs encrypted, Target says the numbers can only be decrypted by the independent payment processor, which holds the decryption key. That key is necessary to translate the unintelligible code back into the PIN. Target said the key was not stolen as part of the breach, because it never existed within the company’s systems.

Target says it uses the Triple Data Encryption Standard to encrypt its PIN codes. Per Thorsheim, an Independent password security consultant, said the PINs encrypted with the Triple DES algorithm would be “difficult or impossible to decrypt,” if the payment processor’s decryption key was robust enough. Target declined to comment on the identity of its payments processor.

That means it is very unlikely that thieves would be able to withdraw money from ATMs using stolen debit card information. Consumers are protected from certain instances of debit card fraud, but cash withdrawals and purchases made with a PIN can be tricky to reverse.

As a precaution, Target customers who shopped at Target when the breach occurred should contact their banks to request a replacement card and change their PIN.

The PIN theft revelation means that Target’s payment systems breach was larger than initially thought. That is common in credit card breaches. When Marshalls’ and TJ Maxx’s parent company TJX (TJXFortune 500) was hit with a massive breach in 2007, the company initially said 45 million accounts were hacked but upped that number to 94 million months later.


Share and Enjoy

Posted In: EHR News

About The Author

Joseph Sabeh Jr.

Please let me introduce myself, I am Joseph Sabeh, Jr a full time licensed professional realtor. I have been with Executive Homes Realty for over 13 years and was trained by my late father and Broker, Joseph Sabeh. I recently incorporated the company and we moved the office to 43513 Mission Blvd just last summer. I could not have found a more honorable place to work. After earning my experience selling high end Ralph Lauren suits and studying business management in southern California, I decided to pursue my dream of selling real estate and working with my father. He had already had such an excellent reputation and established a niche market of high end clientele that catered to the very best. I wanted to become the consummate professional just like him and have strived to become just that being just a phone call or email away from getting back to my client’s immediate needs! Known by my clients for my tenacity, perseverance , and excellence in negotia- tion(Certified Negotiation Expert), I have always strived to meet my clients high demands and goals. As a result of my professionalism, I have achieved an extensive portfolio of referrals from past and present clients. I credit my current values from my upbringing of my parents and the credit is due to them without question. Their integrity, pride, and willingness to sacrifice for the better of my life and my sister’s always left a mark on me that one day I will pass on. Their desire to achieve a better life and live it to the fullest is one that some families dream of and I certainly am appreciative of all of the education and etiquette I have learned from them both. I have sold condos up to 3.2 million dollar homes and I am here for any and all of your future real estate needs and wishing you the very best experience in your future real estate endeavors with me.

No Comments

No comments yet.



Leave a comment

RSS feed for comments on this post. TrackBack URL