Target Admits Data Breach May Have Up To 110 Million Victims

Nerval's Lobster writes "Retail giant Target continues to drastically downplay the impact of the massive data breach it suffered during December, even while admitting the number of customers affected is nearly twice as large as it had previously estimated. Target admitted today the massive data breach it suffered during the Christmas shopping season was more than twice as large and far more serious than previously disclosed. A Jan. 10 press release admits the number of customers affected by the second-largest corporate data breach in history had increased from 40 million to 70 million, and that the data stolen included emails, phone numbers, street addresses and other information absent from the stolen transactional data that netted thieves 40 million debit- and credit-card numbers and PINs. 'As part of Target's ongoing forensic investigation, it has been determined that certain guest information — separate from the payment card data previously disclosed — was taken during the data breach' according to Target's statement. 'This theft is not a new breach, but was uncovered as part of the ongoing investigation.' The new revelation does represent a new breach, however, or at least the breach of an unrelated system during the period covered during the same attack, according to the few details Target has released. Most analysts and news outlets have blamed the breach on either the security of Target's Windows-based Point-of-Sale systems or the company's failure to fulfill its security obligations under the Payment Card Industry Data Security Standard (PCI DSS)."

Re:That's the whole country

[girlintraining]

According to the Census Bureau, there're about 115 million households in the US. Target has basically admitted that the theft amounts to their entire database.

*facepalm* A household is not the same as an individual. And most people own not one card, but an average of about 3.7. Currently, over 391 million credit card accounts exist in the United States. 115 million equals 29.4% of that. Further, I don't know what you consider "their entire database", since the census bureau tracks the number of households and other population data, not the number of valid credit card numbers Target has. But let's not quibble over details...

I'd like to think that this would mean the end of the credit reporting rackets; how can anybody even pretend any more that that data is meaningful when this sort of fraud is taking place?

Yes, let's just give up and go back to checks -- nobody ever committed fraud with those! Oh wait, they did? Umm, how about just cash transactions? Damn! Foiled again. Umm, gold? Wait, you can fake gold? How about the barter system? They got to that too? I guess I'll just have to move into the mountains, far away from any other person, and live off the land like our ancestors did, forsaking all advancements of civilization.

Or I could come up with some kind of social framework, something with a nice ring to it, like the Rule of Law. Sounds impressive. Let's go with that.

But I also wanted to think that the Snowden revelations would have meant the end of the NSA, so clearly I'm not somebody anybody is paying or should pay attention to.

You know, mentioning Snowden or the NSA in any reference to civil liberties or privacy should invoke some kind of response similar to Godwin'ing a thread. "You know who else liked data breaches..." Snowden didn't have any "revelations". The revelations were that there's a spy agency that (wait for it) spies on people. It's like saying Microsoft develops software is a revelation. And no, the NSA didn't just implode because some cheeky twenty-something dropped drawers and mooned them, anymore than Target's going to simply shutter up and crawl into a corner to die quietly in retail exile.

It may be exceedingly inconvenient that people can say and do stupid things with such regularity and suffer no long-term effects but that's about it. If you're expressing surprise or admonishment over this state of affairs, you clearly need to get out more.