Tracking inflation What to do with yours Best CD rates this month Shop and save 🤑
BUSINESS
United States

Target says hackers stole credentials from vendor

Melanie Eversley
USA TODAY
  • Target says it has taken extra precautions since Dec. 15 breach
  • Attorney General has vowed government will find people and groups involved
  • Target says it is working with the Secret Service and the Justice Department

Data stolen from about tens of millions of Target customers during a massive breach was stolen from a vendor, Target stores said on Wednesday.

A Target store in Voorhees, N.J.

"We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor's credentials which were used to access our system," Target spokeswoman Molly Snyder said Wednesday night in an e-mail about the breach that took place between Nov. 27 and Dec. 15.

The Minneapolis-based retailer confirmed on Dec. 15 that the breach had taken place and has also blocked the access and eliminated the malware involved, Snyder said. The breach involved 40 million debit and credit card numbers and personal information for 70 million more people.

"In addition, since that time we have taken extra precautions such as limiting or updating access to some of our platforms while the investigation continues," she wrote.

Snyder said she could not say much more because of the ongoing nature of the investigation.

The Secret Service has confirmed it is helping with the data violation, which began around Black Friday, the day after Thanksgiving and busiest shopping day of the year.

Target has almost 1,800 stores in the United States and 124 in Canada, according to its website.

During an appearance before the Senate Judiciary Committee on Wednesday, U.S. attorney general Eric Holder confirmed the Justice Department is investigating the breach and that it is committed to finding the perpetrators of "these sorts of data breaches."

Earlier in January, two Mexican citizens were arrested as they tried to enter the United States in Texas after they were caught with 96 credit cards cloned with account information from the Target breach.

Some officials, however, said the arrests were not connected to the Target data theft.

Featured Weekly Ad