As many as 40 million credit and debit card account holders may have been recently exposed to a massive breach involving 1,797 Target stores nationwide, as well as 124 Canadian-based locations.

target breached

 

According to Krebs On Security, the initial data breach was thought to have occurred between Black Friday and Dec. 6. However, recent evidence has emerged indicating that the breach might have extended until as recently as Dec. 15.

Right now there is no concrete number indicating exactly how many customers have been affected. An anonymous source from a data breach investigation firm confirmed, however, that this data breach will go down as one of the largest retail infiltrations to date.

“The breach window is definitely expanding,” claimed an anonymous anti-fraud analyst from a major U.S. bank to Krebbs. “We can’t say for sure that all stores were impacted, but we do see customers all over the U.S. that were victimized.”

The data stolen included credit and debit card numbers, card expiration dates, customer names and three-digit security codes found on the backs of cars. The attack was a physical attack, as it affected those who swiped cards at checkout terminals during the aforementioned dates.

Right now, Target is in the process of addressing the issue and is currently working with law enforcement officials as well as a forensics team to identify the source of the heist. Target is currently working to resolve customer relations, though it is expected that the breach will also affect consumer trust which, in turn, could negatively impact sales. As a result of the breach, Target’s stock fell 1.8 percent to $62.40.

Still, the problem extends much deeper.

As the Krebs blog goes on to explain, the imminent danger currently facing consumers is that the type of data that was stolen is “track data.” This type of information provides criminals with the ability to create counterfeit cards by encoding data built with magnetic strips. All a thief needs is a PIN number, in other words, to reproduce cards and withdraw cash from ATM machines. There is no way of calculating just how far the extent of the damage will spread.

Consumers who may have been affected are advised to be on the lookout for suspicious account activity and to report anything out of the ordinary to local officials.

Entrust Datacard