If you shopped at Target recently you are probably nervous enough about your identity being stolen or losing money from your checking account. It is important to protect yourself and check all of your credit cards and accounts regularly to see if there are any unauthorized transactions. Most credit cards and companies have been very good about keeping their account holders savvy on the breach, however there is now scammers looking to take advantage of you via phishing.
SC Magazine recently wrote an article discussing this very issue. “It is very common for phishers to concoct schemes to scam people impacted in data breaches, particularly because they can capitalize by taking advantage of nerves and paranoia in the midst of a potentially confusing and scary situation.”
Target posted this last week addressing the phishing reports; “We are aware of limited incidents of phishing or scam communications… To help our guests feel confident that what they are hearing from Target is really from us, we are in the process of setting up a dedicated resource on our corporate website where we will post PDFs of all official communications that Target sends to our guests.”
On Christmas day there was information released that PIN numbers were also compromised during the attack on their systems. However, it was later reported via a Target press release that no PIN numbers were exposed to the hackers because Target does not keep PIN numbers within their data system.
The press release from Target was as follows; “Target does not have access to nor does it store the encryption key within our system,” according to the release. “The PIN information is encrypted within Target’s systems and can only be decrypted when it is received by our external, independent payment processor.”
The root of this exposure has yet to be exposed, however it is believed that the card readers were compromised resulting in the breach.