action:article | category:NEWS02 | adString:NEWS02 | zoneID:39

Home » News » Business

December 19. 2013 7:44PM

Target cyberthieves score a bullseye on retailer's credit card data

Merrimack resident Chris Mauser found the Target on Amherst Street in Nashua busy but not packed Thursday afternoon, following the company's announcement that about 40 million debit and credit cards may have been surreptitiously accessed in recent weeks.

There were no lines at the registers, Mauser said, and customers were still swiping credit cards to pay for purchases. But not her.

"I usually don't carry a lot of cash with me when I shop, but today I stopped at the bank to make sure I had some money," said Mauser, who added that she plans to continue to shop at the store.

Target can only hope the rest of its customers will be as loyal. The company's challenges come as U.S. retailers gear up for the end of the holiday shopping season, which ShopperTrak predicts will be the slowest since 2009.

The last thing Target needs right now as rivals pour on the discounts in a last-ditch grab for market share is for its customers to wonder if they should use their cards, said Ken Perkins, an analyst for Morningstar Inc. in Chicago.

"The timing could be a concern, especially only a few days before Christmas," he said in an interview.

Target, the second-largest U.S. discount chain, said law enforcement is investigating the matter. The data were breached between Nov. 27 and Dec. 15, the Minneapolis-based company said in statement. Target said it alerted authorities and financial institutions immediately and has now identified and resolved the issue. The Secret Service said Wednesday that it was probing the incident, and the company said it's working closely with law enforcement to bring those responsible to justice.

Target owns nine stores in New Hampshire: Bedford, Concord, Greenland, Hooksett, Keene, Nashua (two locations), Salem and Somersworth.

Nashua resident Laura Sullivan, who was also shopping at Target on Amherst Street on Thursday, said she had her personal information stolen after using a credit card at a wholesale buyers club several years ago.

"It took two years to straighten it out," she said, adding that the store didn't offer much help. Since then, Sullivan has been diligent about checking bank statements.

"It's the consumer's responsibility to watch out for themselves," said Sullivan, who added that prepaid cash cards are one way to avoid the risk.

Nashua resident Laura Napiorkowski said she lives a few miles from the Amherst Street Target and shops there often. "I paid cash today," she said as she loaded a few bags into the trunk of her car.

"I was surprised by the size of the problem," she said, adding that she still likes Target and still plans to shop at the store. "We just need to be careful."

Banks were quick to post notices and consumer tips on their websites alerting customers about the Target breach. St. Mary's Bank and Bank of New Hampshire, for example, both included assurances they monitor potential fraud and that customers' accounts were protected.



Kelley Porter, who was shopping at the Target in Hooksett on Thursday, said she is nervous her account is now exposed, but while she hasn't discussed it with Target officials, she is keeping an eye on her Target REDcard debit account.

"I have checked my account, and I don't see any weird transactions, but with the breach I am nervous," she said. "I have been checking online for any news on the situation. If I notice anything I will file something. I hope I will get a new card in the mail. I would hope Target does that at a minimum."

Becky Flagg of Concord said she was nervous should could lose all her money "right before Christmas when I still have to buy some last minute gifts."

"Everyone at work has been talking about this, and a bunch of people are headed over here to make sure everything is OK," Flagg said in Hooksett. "And just to be sure, I have been checking my debit card to make sure nothing has been charged."

Online shoppers at Target.com might be spooked too, given that a link across the top of the site Thursday read: "important notice: unauthorized access to payment card data in U.S. stores."

"Target's first priority is preserving the trust of our guests, and we have moved swiftly to address this issue, so guests can shop with confidence," Gregg Steinhafel, chief executive officer of Target, said in the statement.

Brian Leary, a spokesman for the Secret Service in Washington, confirmed the agency is probing the matter while declining to comment further because the investigation is under way.

While the agency is best known for protecting the President, it was created in 1865 to fight currency counterfeiting. That role was expanded over the years to include certain kinds of fraud, including identity theft, electronic crime and computer intrusion. The service was part of the U.S. Treasury until 2003, when it was one of the agencies brought into the newly-created Department of Homeland Security.

Data breaches have hit other retailers. TJX Cos., owner of the T.J. Maxx and HomeGoods chains, reported in 2007 that hackers broke into its computer system and stole about 45.7 million credit- and debit-card numbers. The theft set a record at the time for such breaches.

Union Leader correspondents Barbara Taormina and Benjamin C. Klein and Bloomberg News contributed to this report.