Friday, January 10, 2014

Scope of Target data breach nearly double original estimate: Company

The scope of the recently announced Target data breach has gotten larger. The company, which at first said that the breach was limited to 40 million credit and debit card in-brick-and-mortar store customers announced on Friday (in a press release) that it now believes that the breach affected 70 million customers and included names, mailing addresses, phone numbers, and e-mail addresses.

This means that -- unlike its previous announcement, which said the data was stolen from pinpads during transactions made between Nov. 27, 2013 and Dec. 15, 2013, the data included online only data from customer accounts, as well.

Gregg Steinhafel, chairman, president and chief executive officer at Target, said:
I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this. I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.
Target added that affected customers will suffer no liability for any fraudulent charges. The company will also offer one free year of credit monitoring and identity theft protection.

Those monitoring such breaches will note that credit monitoring companies are the recipients of a lot of revenue based on these break-ins, as -- typically -- those companies that saw the break-ins are forced to pay for such free services.

Unsurprisingly, Target said it saw its sales drop off following the announcement of the break-in. The following key points were noted in the press release:
  1. Stronger-than-expected fourth quarter sales prior to the Company’s December 19, 2013, announcement of a payment card data breach;
  2. Meaningfully weaker-than-expected sales since the announcement, which have shown improvement in the last several days, and;
  3. A comparable sales decline of (2)% to (6)% for the remainder of the quarter.
Target also said that In addition, fourth quarter 2013 GAAP earnings-per-share may include charges related to this data breach. However, Target is unable to estimate such charges at this time.

As of late morning, Pacific Time, Target's stock was relatively unchanged, dropping $0.75 (-1.18 percent).

No comments: