Target says that about 40 million credit and
debit card accounts may have been affected by a data breach that occurred just
as the holiday shopping season shifted into high gear.
The chain said that accounts of customers who
made purchases by swiping their cards at terminals in its U.S. stores between
Nov. 27th and Dec. 15th 2013, may have been exposed.
The stolen data includes customer
names, credit and debit card numbers, card expiration dates and the three-digit
security codes located on the backs of cards. The data breach did not affect
online purchases.
The Minneapolis company said it
immediately told authorities and financial institutions once it became aware of
the breach and that it is teaming with a third-party forensics firm to
investigate the matter and prevent future breaches. It said it is putting all
“appropriate resources” toward the issue.
Target Corp. advised customers to check their statements
carefully. Those who suspect there has been unauthorized activity on their
cards should report it to their credit card companies and call Target at
866-852-8680. Cases of identity theft can also be reported to law enforcement
or the Federal Trade Commission.
* The Washington Post 12/19/13
Please access the Target Stores Corporation link below for specific details on states that have laws requiring businesses to notify consumers when a "data breach" has occurred.
Michigan Law: IDENTITY
THEFT PROTECTION ACT (EXCERPT)
Act 452 of 2004 445.72 Notice of security breach; requirements.
MI's Law - Identity Theft Protection Act, Notice of security breachAct 452 of 2004 445.72 Notice of security breach; requirements.