As many as 40 million credit card numbers, expiration dates, names, and CVV codes may have been stolen from Target stores in the period between the day after Thanksgiving and Dec 15, the Wall Street Journal reports.
The Secret Service is investigating the breach of the company’s payment security systems, which appears to have happened in many of Target’s 1,797 stores in the US, not online, people close to the situation were quoted as saying.
The New York Times quoted security experts as saying this should serve as a reminder of security problems facing many retailers that won’t easily go away. Stolen credit card numbers can go for as little as a quarter or as much as $45 each on the black market.
American companies have other options, such as smart chips embedded in the credit cards themselves, which would make it unnecessary to store information in the magnetic stripe. This method is more common in Europe than in the US, though.
One of the biggest contributing flaws in the system here appears to be the many weaknesses in transmission of payment information from retailers to banks. As the information flows from one system to another, it changes hands and can be stolen if the system is vulnerable.
Here’s the problem: if there are vulnerabilities in payment systems that let criminals steal 40 million credit card numbers, how vulnerable do you imagine a system like inBloom would be? We’re thankful that so many school boards and politicians came to their senses about inBloom, because, as this breach shows, if no-good people want to get some piece of data, they can get it.
Now, the next big hurdle: the massive multi-state testing consortia that will begin field testing online examinations this spring and go into live mode next year. Given the healthcare website problems and the Target credit card breach, I am not optimistic. The people safeguarding our children’s data can’t possibly be as good as those who safeguard Target’s money or the health and welfare of Americans. It’s not exactly giving me a warm and fuzzy feeling inside.