Attention Target shoppers: Security breach affects up to 40 million credit card, debit card accounts

NEW YORK - Target says up to 40 million card accounts may have been affected by a recent data breach.

This comes after the Secret Service announced Wednesday they were investigating a credit- and debit-card data theft at Target stores.

Secret Service spokesman Brian Leary confirms the agency is investigating, but declined to provide further details.

Customers who used a credit or debit card at Target between Nov. 27 and Dec. 15 may have been hacked, CNN reported.

Minneapolis-based Target Corp. did not respond to requests for comment. A MasterCard representative referred questions to Target.

Target has 1,797 stores in the U.S. and 124 in Canada.

Paul Hartwick, spokesman for Chase Bank, one of the largest U.S. credit card issuers, helped break down what to do if your credit or debit card has been affected. 

Q: How do I know if my credit card data was stolen?
A: Target officials said if you shopped at one of the stores between Nov. 27 and Dec. 15, 2013, you should check your account for unusual activity. This is not limited to Target-card holders. Anyone who used a credit card at the stores could be affected.
"The best way to figure out whether your account has been breached is keep an eye on your account. Look for transactions you don't recognize. The good news is that Chase and many other banking institutions will not hold you liable for these charges," said Hartwick. 
 
Q: How is Target handling the security breach?
A: In an announcement posted to its website this morning, Target officials did not say when they first learned of the breach but it has been investigating. Target has alerted authorities and financial institutions and urged credit card users to work with the three credit reporting companies if fraudulent activity is suspected. 
 
Q: Has the issue been resolved?
A: Target said in its announcement that the data issue is resolved.
 
Q: What should I do if my card has been breached?
A: The first step is to contact your banking institution. Often there will be a number on the back of your card, according to Hartwick. The important thing to remember, he said, is that you can continue to use your card normally. Target Corp. also suggested in a release to contact the Federal Trade Commission or law enforcement to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft.  To learn more, you can go to the FTC’s Web site, at www.consumer.gov/idtheft, or call the FTC, at (877) IDTHEFT (438-4338) or write to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.
 
Q: Is it possible to recover any money stolen from credit or debit accounts?
A: Chase Bank, in addition to many other U.S. banks, will not hold you liable for fraudulent charges as long as they are identified in a timely manner.
 
Q: What information do the data thieves have access to?
A: According to Target Corp., the information involved in this incident included customer name, credit or debit number, card's expiration date and security code. 
 
Q: How did the Target security breach happen?
A: As of Thursday morning, officials have not said how the breach occurred or if they know who is responsible.
 
Q: Might such a large security breach become more common in the future?
A: Bad guys are always at work, and it's important that merchants as well as customers stay aware, Hartwick said.
 
Q: What are best practices a consumer can keep in mind to avoid this happening again?
A: A large amount of fraud is stopped before it starts, according to Hartwick. "Chase and other banks often monitor accounts for suspicious activity and stop fraud before you ever see it on your account," he said. It's still important, however, to check your bank account regularly and make sure there are no charges that you don't recognize. "The biggest and best thing customers can do is be aware, shop at reputable places such as Target, monitor your account information, be in contact with your card issuer and be aware."