This means that -- unlike its previous announcement, which said the data was stolen from pinpads during transactions made between Nov. 27, 2013 and Dec. 15, 2013, the data included online only data from customer accounts, as well.
Gregg Steinhafel, chairman, president and chief executive officer at Target, said:
I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this. I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.Target added that affected customers will suffer no liability for any fraudulent charges. The company will also offer one free year of credit monitoring and identity theft protection.
Those monitoring such breaches will note that credit monitoring companies are the recipients of a lot of revenue based on these break-ins, as -- typically -- those companies that saw the break-ins are forced to pay for such free services.
Unsurprisingly, Target said it saw its sales drop off following the announcement of the break-in. The following key points were noted in the press release:
- Stronger-than-expected fourth quarter sales prior to the Company’s December 19, 2013, announcement of a payment card data breach;
- Meaningfully weaker-than-expected sales since the announcement, which have shown improvement in the last several days, and;
- A comparable sales decline of (2)% to (6)% for the remainder of the quarter.
As of late morning, Pacific Time, Target's stock was relatively unchanged, dropping $0.75 (-1.18 percent).