My understanding is this was not limited to those in-store shopping during the period but online as well and anyone in their system is at risk. Neiman’s announcement they were hacked as well, points to a much larger target.

What happens when the hacker is able to use Big Data and connect the customers’ location(s), purchases, credit cards and online behaviors? What will they be able to do?

It is only a matter of time when such “partial information” breach impacts consumers lives. As Google wallet and swipe and pay become more common, and as customers allow apps to access their information on their phones, the chances of more breaches becomes more likely.

I think hacked data will be a big story in 2014. Especially when the data is able to be mined by hackers just like marketers.

Not sure what Target can do. This is bound to happen to more retailers as well. The consumers need to get better prepared and not expect retailers to protect them. I’m surprised more people don’t just lock their credit reports so no one can use it to open a line of credit. I locked mine up years ago and there is simply no need for anyone to see my credit report. It’s not 100% foolproof and I doubt there is anything out there that is. From what I understand, those who used Target’s REDcard have no worries. Target is just getting all the bad press right now. It will be some other company next. Maybe it’s time for the consumer to use some common sense and take the first step in protecting themselves. Just like we lock our cars up before we go into a store and shop and then unlock them we use them again. With all the data breaches I think it’s a little too much to expect that retailers will protect us.… Read more »

Target needs to get in front of this growing embarrassment and assure consumers that their personal information is safe when shopping in Target stores. One way to do this would be for Target to embrace chip and pin technology and spend the money necessary to offer this service to consumers, starting with REDcard holders. By leading through example, Target could spark a change in customer data security, while bringing the US up to par with the rest of the world. With chip and pin, this data breach would not have happened.

I predicted security will be the 2014 theme of retail and it looks like I’m right. The Neiman Marcus information is still early but indicators are showing it is a very serious data breach and similiar to Target.

No one “hacks” millions of data records, they walk through the front door unnoticed. The next few weeks are going to be very fluid regarding retail security.

The general population is dealing with a breach of trust. As time goes by, the security of Target’s Point Of Sale (POS) and in fact their whole Information Technology (IT) system is highly suspect and most likely a shambles. The entire executive committee of the company has been disclosed as inept and undeserving of the trust placed in their charge. The board of directors needs to make immediate changes for the sake of the investors and the consumers willing to support Target in spite of the obvious risks.

This is no small matter and the only communication from the company is that it is getting worse. If the system has no security, and as we now know it doesn’t, it should be shut down and the company should continue in disaster recovery mode using third party electronic payment support until the company’s IT ans POS systems are rebuilt, tested and certified as safe.

When I first read this statement “I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” I felt it was weak and not reassuring at all. Identity theft is more than “frustrating.” It’s just about the same as having your home burglarized and the associated violations of self. Then there’s all the legwork and scrutiny necessary to protect assets immediately and into the future. I know that companies hire consultants to audit and install protocols for network security. Evidently there are no standards across retail operations, such as ISO standards. If there are, there’s been no mention. The occurrences at Target and Nieman Marcus suggest that standards must be identified to the public at large with statements of proof they are being adhered to. I’m not pretending I review the elevator inspection documents every time I step onto an elevator. However, retail network security standards, auditing and statements of proof can easily be show cased on retailers’ websites… Read more »

Target has been thrust into a leading role in consumer data protection and if it fails to to take action, or if another retailer grabs the lead, the damage to the Target brand will be unrepairable when the results of the breach begin affecting consumers.

Target needs to exceed any action recommended by a crisis management template.

There is no doubt that Target was PCI compliant. This just proves that no matter how secure you think you are, and that no matter what laws or procedures are passed, that if someone wants to hack you, they will. There will always be a way.

They say they are offering credit report monitoring, but I have not received any information from Target to date as to how to access that offer. I used my AE Gold card several times during the vulnerable period.

When the equivalent of a third of the U.S. population may be affected, and the media label this incident the “worst breach in history,” Target really can’t over-communicate with consumers as to what it knows and how it will move forward to protect customer information.

Target has done a good job of coming forward as new developments unfold, though I sense consumers aren’t fully confident that Target is out ahead of this incident, nor that the company is communicating how it will prevent such large-scale data issues in the future. Given the news gets worse week after week, I’m not confident Target is doing everything it can to regain shopper trust.

This issue is not just about Target and other retailers. It’s also about the banks and other card-sponsoring services, and about the lack of attention we devote to protecting our personal information. Here are a couple of thoughts: First, retailers should forge relationships with banks in which they actively partner their active security systems. On two occasions I’ve been notified by my bank of attempted unauthorized use of my account before I was notified by the retailers fooled by my identity thief. It occurs to me that an ironclad union and synchronization of retailer systems with banking systems would provide a much higher hurdle for hackers and a better early warning algorithm for misuse. Additionally, a “best practices” competition would arise from this partnership with retailers and banks challenging each other to provide the ever-evolving best and newest security systems. It would also solve the complacency exhibited by retailers regarding their systems: In spite of the fact that security systems require frequent updates to be useful, retailers are of the “OK, that’s done” mindset and… Read more »

How is it that 1/3 of the entire population has their private info stolen and there is no political commentary about the responsibility of the retailer to protect this data, or any initial discussions about what changes must be implemented to ensure consumer security?
If the news was that a trusted banking institution had allowed security breaches of 110,000,000 of their clients’ most sensitive data, what would people say then?