• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Target customers' encrypted PINs stolen

T

TellMeWhy

Alfrescian (Inf)
Asset
Joined
Jul 22, 2012
Messages
398
Points
0

Target customers' encrypted PINs stolen

AP December 28, 2013, 2:24 pm

20131228_target_1280x720-19bshdq.jpg


Target says debit-card PINs were among the financial information stolen from millions of customers who shopped at the US retailer earlier this month.

The company said the stolen personal identification numbers, which customers type into keypads to make secure transactions, were encrypted and that this strongly reduces risk to customers.

In addition to the encrypted PINs, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the cards were stolen from about 40 million credit and debit cards used at Target stores between November 27 and December 15.

Security experts say it's the second-largest theft of card accounts in US history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

"We remain confident that PIN numbers are safe and secure," spokeswoman Molly Snyder said in an emailed statement Friday.

"The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems."

However, Gartner security analyst Avivah Litan said Friday that the PINs for the affected cards are vulnerable and people should change their codes since such data has been decrypted, or unlocked, before.

In 2009 computer hacker Albert Gonzalez pleaded guilty to conspiracy, wire fraud and other charges after masterminding debit and credit card breaches in 2005 that targeted retailers such as T J Maxx, Barnes & Noble and OfficeMax. Gonzalez's group was able to unlock encrypted data.

Litan said changes have been made since then to make decrypting more difficult but "nothing is infallible."

"It's not impossible, not unprecedented (and) has been done before," she said.

Besides changing your PIN, Litan says shoppers should instead opt to use their signature to approve transactions because it is safer. Still, she said Target did "as much as could be reasonably expected" in this case.

"It's a leaky system to begin with," she said.

Credit card companies in the US plan to replace magnetic strips with digital chips by late 2015, a system already common in Europe and other countries that makes data theft more difficult.

 
You must log in or register to reply here.

Similar threads

disconsolate
Why do travellers put their valuables in the plane overhead compartment???
Replies
7
Views
269
True Believer
T
disconsolate
DBS employee Huang Pin Wen jailed for accessing customer data, passing details to moneylender and bookie
Replies
3
Views
306
rocket
rocket
P
Chitchat HK Chiobu FT create good jobs by stealing Credit Cards and Cash!
Replies
8
Views
989
k1976
k1976
LITTLEREDDOT
His credit card debt with DBS grew from $647 to $11k while DBS CEO given shares worth $94 million
Replies
1
Views
191
LITTLEREDDOT
LITTLEREDDOT
P
Chitchat Jiuhukia used stolen card details to shop in Parkway Best Denki!
Replies
0
Views
232
Pinkieslut
P
Back
Top