Target admits PIN numbers were stolen in data breach

Tools

by John Cuoco

MILWAUKEE- Target admitted Friday that the data breach at the retail giant did include PIN numbers of customers.

Initially Target said PIN numbers were not compromised.

However, Target still said they remain confident that PIN numbers are safe and secure because the PIN information was fully encrypted at the keypad, remained encrypted within their system, and remained encrypted when it was removed from their systems.

They explained by  saying:

"When a guest uses a debit card in our stores and enters a PIN, the PIN is encrypted at the keypad with what is known as Triple DES. Triple DES encryption is a highly secure encryption standard used broadly throughout the U.S. 

Target does not have access to nor does it store the encryption key within our system. The PIN information is encrypted within Target’s systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the “key” necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident."

It's expected 40 million customers had their accounts hacked.

Local Credit Unions and Banks have posted warnings and tips on their websites advising customers what to do.

If you think you may have been a victim you should contact your bank or credit union.
 

Poll

Should employers be able to ask applicants for social media log in information?

  • Yes
  • No