retail news in context, analysis with attitude

Target confirmed this morning that it is "aware of unauthorized access to payment card data that may have impacted certain guests making credit and debit card purchases in its U.S. stores. Target is working closely with law enforcement and financial institutions, and has identified and resolved the issue."

Some 40 million credit and debit card accounts may have been illegally accessed between Nov. 27 and Dec. 15, 2013.

The Chicago Tribune writes that "investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores, according to the person who was not authorized to discuss the matter and declined to provide further details.

"Krebs on Security, a closely watched security industry blog that broke the news, said the breach involved nearly all of Target's 1,797 stores in the United States, citing sources at two credit card issuers."
KC's View:
Here's the passage from the Tribune story that really grabbed my attention…

It is not yet clear how the attackers were able to compromise point-of-sales terminals at so many Target stores across the country. Doing so would have required careful planning by sophisticated cyber criminals.

Nothing like these sorts of sentiments to warm the heart and mind.