Nov. 27 to Dec. 15 Cyberthieves gain access to information on millions of debit and credit cards from Target customers.

Dec. 18 Target CEO, Gregg Steinhafel, issues a rare statement on holiday sales, saying, "We are pleased with Target's holiday performance."

Dec. 18 Computer security blogger Brian Krebs posts story saying Target is confronting a security breach involving millions of debit and credit cards.

Dec. 18 A spokeswoman for American Express confirms the data breach sayings they've launched their own investigation.

Dec. 18 The Secret Service confirms to other media sources it has begun its own investigation.

Dec. 19 Target confirms that credit and debit cards information of 40 million customers may have been exposed.

Dec. 20 Steinhafel issues an apology to customers and offers a discount to shoppers for the weekend.

Dec. 23 U.S. Department of Justice steps into investigation.

Dec. 23 Target says the data breach involved malicious software on the point-of-sale card-swiping devices in the checkout aisles of its stores.

Dec. 27 Target acknowledges that, contrary to early reports, personal identification numbers to debit and credit cards were also exposed.

Jan. 3 TCF Bank joins other banks in "replace-them-all approach" to Target's security breach, will issue new cards to its affected customers.

Jan. 10 Target announces that personal information of 70 million customers also exposed during the breach, but the amount of overlap with the financial data of 40 million people is unclear. At worst, data of up to 110 million people was accessed from Target's system.