You choose, we deliver
If you are interested in this story, you might be interested in others from The Journal Gazette. Go to www.journalgazette.net/newsletter and pick the subjects you care most about. We'll deliver your customized daily news report at 3 a.m. Fort Wayne time, right to your email.

Business

  • Business at a glance
    BioLife Plasma Services opened a new collection center at 1450 Getz Road in Fort Wayne. Choice Designs Inc.
  • Competition’s all global
    John D. Zeglis is brimming with words of business wisdom.And the retired chairman and CEO of AT&T Wireless Services is eager to share them with the next generation of business leaders.
  • Lending rate at lowest in 17 years
    U.S. mortgage lending is contracting to levels not seen since 1997 as rising interest rates and home prices drive away borrowers. Wells Fargo & Co. and JPMorgan Chase & Co., the two largest U.S.
Advertisement

Target reveals debit PINs stolen, but confident encrypted numbers are secure

– Target said Friday that debit-card PINs were among the financial information stolen from millions of customers who shopped at the retailer this month.

The company said the stolen personal identification numbers, which customers type into keypads to make secure transactions, were encrypted and that this strongly reduces risk to customers. In addition to the encrypted PINs, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the cards were stolen from about 40 million credit and debit cards used at Target stores between Nov. 27 and Dec. 15.

Security experts say it’s the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

“We remain confident that PIN numbers are safe and secure,” spokeswoman Molly Snyder said in an emailed statement Friday. “The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.”

However, Gartner security analyst Avivah Litan said Friday that the PINs for the affected cards are vulnerable and people should change their codes since such data has been decrypted, or unlocked, before. In 2009 computer hacker Albert Gonzalez pleaded guilty to conspiracy, wire fraud and other charges after masterminding debit and credit card breaches in 2005 that targeted retailers such as T.J. Maxx, Barnes & Noble and OfficeMax. Gonzalez’s group was able to unlock encrypted data. Litan said changes have been made since then to make decrypting more difficult but “nothing is infallible.”

“It’s not impossible, not unprecedented (and) has been done before,” she said. Besides changing your PIN, Litan says shoppers should instead opt to use their signature to approve transactions because it is safer.

Advertisement