State and Nation Business

Target: Customers' encrypted PINs were obtained

A passer-by walks near an entrance to a Target retail store in Watertown, Mass, earlier this month Target on Friday said that customers' encrypted PIN data was removed during the data breach that occurred earlier this month. But the company says it believes the PIN numbers are still safe because the information was strongly encrypted.
A passer-by walks near an entrance to a Target retail store in Watertown, Mass, earlier this month Target on Friday said that customers' encrypted PIN data was removed during the data breach that occurred earlier this month. But the company says it believes the PIN numbers are still safe because the information was strongly encrypted.

ATLANTA – Target says customers' encrypted PIN data was removed during the massive data breach that occurred earlier this month.

Previously Target had said that encrypted data was stolen but stopped short of identifying it as PIN numbers. The company issued a statement Friday, however, saying that additional forensic work has shown that encrypted PIN data was removed along with customers' names and card numbers.

A PIN number is the personal identification code used to make secure transactions on a credit or debit card.

Data connected to about 40 million credit and debit cards used at Target were stolen between Nov. 27 and Dec. 15. Security experts said it's the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

In addition to the encrypted PIN numbers, the stolen data from Target included customer names, credit- and debit-card numbers, card expiration dates and the embedded code on the magnetic strip on back of the card.

Target said it believes the PIN numbers are still safe because the information was strongly encrypted. The retailer said that PIN information is encrypted within its systems and can only be decrypted when it is received by its external, independent payment processor.

"We remain confident that PIN numbers are safe and secure," spokeswoman Molly Snyder said in an emailed statement. "The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems."

Minneapolis-based Target said it is still in the early stages of investigating the breach. It has been working with the Secret Service and the Department of Justice.

Loading more

Digital Access

Digital Access
Access nwherald.com from all your digital devices and receive breaking news and updates from around the area.

Home Delivery

Home Delivery
Local news, prep sports, Chicago sports, local and regional entertainment, business, home and lifestyle, food, classified and more! News you use every day! Daily, weekend and Sunday packages.

Text Alerts

Text Alerts
Stay connected to us wherever you are! Get breaking news updates along with other area information sent to you as a text message to your wireless device.

Email Newsletters

Email Newsletters
We'll deliver news & updates to your inbox. Plan your weekend and catch up on the news with our newsletters.