Target: 1.2M NC card users affected by security breach

Posted December 23, 2013 11:36 a.m. EST
Updated December 23, 2013 5:24 p.m. EST

— Target says an estimated 1.2 million North Carolina card users might have had their credit and debit card accounts exposed over a three-week period in which more than 40 million accounts nationwide were stolen as part of a security breach.

The discount store announced Thursday that it discovered the breach which affected customers who swiped their cards at a store between Nov. 27 and Dec. 15.

It does not affect customers who made online purchases.

Customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the card were stolen.

"We believe that approximately 1,212,000 of the potentially involved accounts had transactions in North Carolina," the company said in a notice filed Friday with the North Carolina Attorney General's Office.

The state requires the notice, obtained Monday by WRAL News, as part of the Identity Theft Protection Act of 2005.

The company, however, said it couldn't be sure how many of those affected cards belonged to residents of North Carolina since its point-of-sale terminals don't record customers' mailing addresses.

According to the notice, Target discovered the breach Dec. 15.

The company has not disclosed exactly how the breach occurred but said it has fixed the problem and is working with a third-party forensics firm to investigate and prevent future problems.

A spokeswoman said Monday that it's also working with the U.S. Secret Service and the U.S. Department of Justice.

The retailer has advised customers to check their statements carefully and to report suspicious charges to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.

"Target's first priority is preserving the trust of our guests, and we have moved swiftly to address this issue, so guests can shop with confidence," Chairman, President and CEO Gregg Steinhafel said Thursday in a statement.

The theft marks the second-largest credit card breach in U.S. history, exceeded only by a scam that began in 2005 involving retailer TJX Cos. and affected at least 45.7 million card users.