{
	"id": "38a7aa07-d642-4cc1-a04f-b49055a7db7a",
	"created_at": "2026-04-06T01:31:37.487133Z",
	"updated_at": "2026-04-10T03:24:30.154427Z",
	"deleted_at": null,
	"sha1_hash": "172e3fd258043c8e24bc091de3bd20f853d7bb94",
	"title": "Target down? “Biggest data breach ever” leaks 40 million credit and debit cards from retailer at height of shopping season",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 40517,
	"plain_text": "Target down? “Biggest data breach ever” leaks 40 million credit\r\nand debit cards from retailer at height of shopping season\r\nBy Rob Waugh\r\nArchived: 2026-04-06 00:25:53 UTC\r\nCybercrime\r\nDetails of 40 million customer debit and credit cards may have leaked in a data breach at American retailer Target\r\n- which began on November 27 and ended on December 15, affecting stores at the height of shopping season.\r\n19 Dec 2013  •  , 3 min. read\r\nDetails of 40 million customer debit and credit cards may have leaked in a data breach at Target - which began on\r\nNovember 27 and ended on December 15.\r\n“Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15,\r\n2013,” the retailer said in a statement. The data stolen is reportedly \"track data\" which can be used to clone cards,\r\naccording to Brian Krebs.\r\n“Target alerted authorities and financial institutions immediately after it was made aware of the unauthorized\r\naccess, and is putting all appropriate resources behind these efforts.  Among other actions, Target is partnering\r\nwith a leading third-party forensics firm to conduct a thorough investigation of the incident.”\r\nThe story initially broke via security expert Brian Krebs’ site, Krebs on Security, leaked to him via officials at 10\r\ncredit card issuers.\r\nIt’s still unclear which stores were affected, and who the attackers are. Krebs quotes one unnamed anti-fraud\r\nanalyst at a card issuer as saying, “We can’t say for sure that all stores were impacted, but we do see customers all\r\nover the U.S. that were victimized.”\r\nAccording to ABC News, the U.S. secret service is currently investigating, but declined to provide further details.\r\nThe report said that the attack hit the height of the shopping season, and described it as “one of the largest data\r\nbreaches of all time”. ABC’s report said that unnamed security experts did not expect the incident to be resolved\r\nuntil “well into the new year.”\r\nThe data stolen was “track data”, according to Krebs’ sources. This, Krebs warns, is exactly what cybercriminals\r\nneed to clone credit cards - but the damage caused by the breach may depend on whether the criminals also have\r\naccess to PIN numbers.\r\n“The type of data stolen — also known as “track data” — allows crooks to create counterfeit cards by encoding\r\nthe information onto any card with a magnetic stripe. If the thieves also were able to intercept PIN data for debit\r\nhttps://www.welivesecurity.com/2013/12/19/target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retailer-at-height-of-shopping-season/\r\nPage 1 of 3\n\ntransactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from\r\nATMs,” Krebs said.\r\nESET Senior Research Fellow David Harley warns that even if the criminals do not have access to this data, the\r\nsecurity of Target customers will be impacted.\r\nHarley says, “Even if your PIN or password is well chosen, your security is reduced – not necessarily completely\r\ncompromised – if  data such as track data are compromised by other means.”\r\n“It’s not clear exactly how the data were stolen in this case, and therefore whether PIN data for debit cards were\r\nalso stolen. Still, it’s always worth trying to make it harder for a crook to guess PINs: the PINs people actually\r\ntend to use are more stereotyped than you might think. See this blog for more details.\r\nThe store issued a statement via its website, saying, “Your trust is a top priority for Target, and we deeply regret\r\nthe inconvenience this may cause. The privacy and protection of our guests’ information is a matter we take very\r\nseriously and we have worked swiftly to resolve the incident.”\r\n \"You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your\r\naccount statements and monitoring free credit reports.  If you discover any suspicious or unusual\r\nactivity on your accounts or suspect fraud, be sure to report it immediately to your financial\r\ninstitutions.”\r\nAs ESET security researcher Stephen Cobb points out, even though we are hearing that Target's online shoppers\r\nare not affected, now would be a good time for anyone who has an account at target.com to change their password,\r\njust to be on the safe side.\r\nLet us keep you\r\nup to date\r\nSign up for our newsletters\r\nhttps://www.welivesecurity.com/2013/12/19/target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retailer-at-height-of-shopping-season/\r\nPage 2 of 3\n\nSource: https://www.welivesecurity.com/2013/12/19/target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retail\r\ner-at-height-of-shopping-season/\r\nhttps://www.welivesecurity.com/2013/12/19/target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retailer-at-height-of-shopping-season/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.welivesecurity.com/2013/12/19/target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retailer-at-height-of-shopping-season/"
	],
	"report_names": [
		"target-down-biggest-data-breach-ever-leaks-40-million-credit-and-debit-cards-from-retailer-at-height-of-shopping-season"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775439097,
	"ts_updated_at": 1775791470,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/172e3fd258043c8e24bc091de3bd20f853d7bb94.pdf",
		"text": "https://archive.orkl.eu/172e3fd258043c8e24bc091de3bd20f853d7bb94.txt",
		"img": "https://archive.orkl.eu/172e3fd258043c8e24bc091de3bd20f853d7bb94.jpg"
	}
}