Page 2 of 2 Previous

Continued: Worried customers overwhelm Target

“It can happen to anybody,” he said.

Some analysts believe the amount of fraud resulting from the breach might be relatively low. But Target’s expenses for the fraud could be much higher, they added, if it has to reimburse banks for fraud losses and card reissuing costs, and pay penalties to credit issuers.

Avivah Litan, a financial services security analyst at Connecticut-based research firm Gartner, said that in most breaches no more than 10 percent of the stolen card numbers get used for fraud, largely because there is a glut of stolen numbers on the black market.

“In the end the fraud committed will probably be $25 million or less,” Litan said.

‘Serious ramifications’

The timing of the breach, and its disclosure less than a week before Christmas, makes the situation potentially damaging for Target and complicates its response.

“How many people right now are looking under their tree thinking, ‘Uh … I can pick out five different packages that all came from Target during that exact time,’ ” said James Wester, research director for global payments at Framingham, Mass.-based IDC. “This is probably going to cause some pretty serious ramifications.”

Marcus Rogers, a professor of cyberforensics at Purdue University, said one option to prevent the risk of compromised card numbers being used by thieves is to immediately cancel the cards and issue new ones.

But Rogers said canceling huge numbers of credit and debit cards in the late days of the holiday season would cause “chaos” that retailers want to avoid so close to Christmas.

“For the thieves, the timing is no coincidence,” Rogers said. “They are betting that Target and the credit card companies don’t want to hurt the economy by canceling the stolen cards.”

Target said it will close and replace its own credit cards only after evidence of theft.

A Visa spokeswoman said Visa also believes it’s unnecessary to pre-emptively cancel.

“Unauthorized access does not equal fraudulent activity,” Target’s Boylan said.


Staff writer John Ewoldt contributed to this report.

Jennifer Bjorhus • 612-673-4683

Steve Alexander • 612-673-4553


  • related content

  • Security aside, retailers’ data still vulnerable

    Friday December 20, 2013

    In recent years, a wide range of companies have fallen victim to cyberattacks.

  • Video: Shoppers react to Target data breach

    Thursday December 19, 2013

    Shoppers react to Target credit card breach.

  • Target's press release

    Thursday December 19, 2013

  • Video: Inside Business: Advice after the Target data breach

    Friday December 20, 2013

    Target Corp. is confronting a security breach that potentially exposed the credit and debit cards of 40 million customers...

  • Other big hacks

    Thursday December 19, 2013

    • Four Russians and a Ukrainian were charged in July in what prosecutors called the largest hacking scheme in U.S. history,...

  • Target says breach may affect 40 million credit, debit cards

    Friday December 20, 2013

    Target s confronting a security breach that potentially exposed the credit and debit cards of 40 million customers between Nov. 27 and Sunday.


    Find the latest news and information about Target Corp.

  • Janelle Borward loaded bags of supplies and gifts into her car after shopping the Midway Target store in St. Paul on Dec. 19, 2013.

  • Target shopping bags, a familiar sight.

  • Target operates nearly 1,800 U.S. stores, including this one on Nicollet Mall in downtown Minneapolis near company headquarters.

  • Janelle Borward loaded shopping bags full of supplies and gifts into her car on Thursday after shopping at the St. Paul Midway SuperTarget store on University Avenue.

  • get related content delivered to your inbox

  • manage my email subscriptions





Connect with twitterConnect with facebookConnect with Google+Connect with PinterestConnect with PinterestConnect with RssfeedConnect with email newsletters