If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The New York Times)   Target: Did we say 70 million victims? We meant 110 million   (nytimes.com) divider line 112
    More: Followup, Target, Gregg Steinhafel  
•       •       •

7755 clicks; posted to Main » on 10 Jan 2014 at 3:21 PM (33 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



112 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | 3 | » | Last | Show all
 
2014-01-10 03:55:34 PM
ZeroCorpse:
So now I'm rubbing two nickels together to pay for gasoline to get to work while I wait for USPS to deliver my new card,


This is essentially why I have two credit cards. I never use the older one, it's just sitting there in case of emergencies. The newer one gives me 'frequent flyer miles' (har har, I'll probably never have enough to bother using) and excellent protection in case of a breach. Technically I may still have an account with Chase but at this point I don't actually know (or care), and they've never sent me a new card so I'd be surprised if it was still open.
 
2014-01-10 03:58:27 PM

12349876: Walker: Ok this is getting silly. there are only 300 million people in the USA. That includes infants and people who don't even know what Target is. Are you saying 1 in 3 Americans visited Target during this short time period?

I think there's a lot of double counting going on.  They're almost certainly assuming each card counts as a separate person and maybe even each transaction is a different person.



So you mean when McDonald's says "Over 100 billion served" they don't mean 100 billion different people?

I'm skeptical.
 
2014-01-10 04:01:38 PM

brantgoose: I think I will get another credit card and use it only for online purchases and pre-payments.


You can get a new CC number for every online purchase.
 
2014-01-10 04:01:59 PM
OK.... You know.... the NSA gotta know who did this... I mean, they are pretty much snooping around in everything at this point...  this had to be like two burglars bumping into each other while trying to steal the same precious jewel...
 
2014-01-10 04:02:16 PM
With those numbers, it's like jumping off a ten story building vs a twenty story building. Past a certain point, the difference doesn't matter.
 
2014-01-10 04:05:15 PM
Mr Namegoeshere got hit for $10. We don't know if that was a test, or if they have so many cards that they can hit each one for $10 in the hopes that more people will fail to notice such a small amount, and still make major money.

So yeah, new cards for all.
 
2014-01-10 04:08:09 PM

namegoeshere: Mr Namegoeshere got hit for $10. We don't know if that was a test, or if they have so many cards that they can hit each one for $10 in the hopes that more people will fail to notice such a small amount, and still make major money.

So yeah, new cards for all.


Or could it be some farker? 2 months at a time, you know.
 
2014-01-10 04:10:56 PM

uncleacid: They may want to chang their name.


[thatswasis.gif]
 
2014-01-10 04:12:47 PM
Damn you Gov. Christie!
 
2014-01-10 04:15:47 PM

mayIFark: namegoeshere: Mr Namegoeshere got hit for $10. We don't know if that was a test, or if they have so many cards that they can hit each one for $10 in the hopes that more people will fail to notice such a small amount, and still make major money.

So yeah, new cards for all.

Or could it be some farker? 2 months at a time, you know.


Shhhh... I told him I got sponsored...  ; )
 
2014-01-10 04:17:18 PM
You know, at these levels the entire population is going to say, "Screw it, I may have never shopped at Target in my life, but I'm not taking any chances. Send me a new set of cards for all my accounts."

Buy credit-card-making-machinery stock immediately.
 
2014-01-10 04:19:59 PM

acohn: brantgoose: I think I will get another credit card and use it only for online purchases and pre-payments.

You can get a new CC number for every online purchase.


I do exactly that. Citibank's credit card system lets you generate Virtual Account Numbers that are good for a single usage. I particularly like them for the dickweed companies who try to auto-renew stuff without your consent.
 
2014-01-10 04:21:07 PM
Don't shop at target, or Walmart, Don't care.
 
2014-01-10 04:22:48 PM
brantgoose: I think I will get another credit card and use it only for online purchases and pre-payments.

Now, with linky: You can get a new CC number for each online purchase.
 
2014-01-10 04:24:01 PM

ladyfortuna: ZeroCorpse:
So now I'm rubbing two nickels together to pay for gasoline to get to work while I wait for USPS to deliver my new card,


This is essentially why I have two credit cards. I never use the older one, it's just sitting there in case of emergencies. The newer one gives me 'frequent flyer miles' (har har, I'll probably never have enough to bother using) and excellent protection in case of a breach. Technically I may still have an account with Chase but at this point I don't actually know (or care), and they've never sent me a new card so I'd be surprised if it was still open.


My moms friend had her emergency card canceled for lack of use.
 
2014-01-10 04:33:56 PM

MBooda: Damn you Gov. Christie!


like shooting at the broadside of a barn.
 
2014-01-10 04:34:43 PM

acohn: brantgoose: I think I will get another credit card and use it only for online purchases and pre-payments.

Now, with linky: You can get a new CC number for each online purchase.


Did you accidentally the whole thing?
 
2014-01-10 04:35:48 PM
And when do the Feds get involved?
 
2014-01-10 04:41:02 PM

VladTheEmailer: stampylives: vonmatrices: At some point, it will be ALL the credit card numbers.

ALL the credit card numbers are stolen.

0000 0000 0000 0001
0000 0000 0000 0002
0000 0000 0000 0003
0000 0000 0000 0004
0000 0000 0000 0005
0000 0000 0000 0006

These fail the Luhn check... 0000 0000 0000 0000 however....


All Visa cards start with 4.
All Mastercards start with 5.
 
2014-01-10 04:41:19 PM
Are we ready for Bitcoin yet?
 
2014-01-10 04:45:19 PM

Ex-Texan: Don't shop at target, or Walmart, Don't care.


Dude, you're hip and edgy as hell!
 
2014-01-10 04:50:35 PM
Well....I see Target will be getting a new CEO within a month. He'll probably make more money when he leaves then the combined total monthly payroll for four stores.
 
2014-01-10 05:02:25 PM

tricycleracer: The company now says that other kinds of information were taken, including mailing and email addresses, phone numbers and names.

Someone got into the loyalty program.  My email address isn't on my Amex stripe.


I got an email from Target about the breach, and was puzzled because I don't have a Target card.

Then I remembered the stuff I'd bought on Target baby and wedding registry lists.  D'oh.
 
2014-01-10 05:02:30 PM

Pangea: So you mean when McDonald's says "Over 100 billion served" they don't mean 100 billion different people?


That figure's never been people; it's always been hamburgers.
 
2014-01-10 05:04:39 PM

Snarfangel: The other, other shoe has dropped!

[drawception.com image 300x250]


Caterpillar last seen at O'Malley's bar killing people.
 
2014-01-10 05:05:31 PM

ChubbyTiger: acohn: brantgoose: I think I will get another credit card and use it only for online purchases and pre-payments.

Now, with linky: You can get a new CC number for each online purchase.

Did you accidentally the whole thing?


Fark keeps removing the hyperlink.  Anyway, B of A has Shopsafe, a service that lets you generate a virtual CC number linked to your CC account.  You can use it for single online purchases or recurring payments (up to 12).  Citi has the same thing, and both products are from the same vendor: Orbiscom.
 
2014-01-10 05:11:02 PM

orezona: yakmans_dad: My wife's card information (obviously) was stolen, but when she asked her credit union about it she said the thieves hadn't used it.

Didn't send her a new card.

/Is that insane?
//or what?

She needs to demand it.

My bank (Chase) went ahead and sent out new cards to both me and my wife unsolicited.


You know Chase has questionable ethics. However they have been very good to me. They immediately helped me when my credit card was stolen. They have answered all my questions in a timely manner. Granted I never took out a home loan, but overall they are a good bank.
 
2014-01-10 05:16:03 PM

ladyfortuna: ZeroCorpse:
So now I'm rubbing two nickels together to pay for gasoline to get to work while I wait for USPS to deliver my new card,


This is essentially why I have two credit cards. I never use the older one, it's just sitting there in case of emergencies. The newer one gives me 'frequent flyer miles' (har har, I'll probably never have enough to bother using) and excellent protection in case of a breach. Technically I may still have an account with Chase but at this point I don't actually know (or care), and they've never sent me a new card so I'd be surprised if it was still open.


Good luck with that.  My main bank flagged a credit card charge as possible fraud (but didn't bother to contact me immediately to verify), leaving me standing at the register like a chump.  "Ha, ha!" I exclaimed as I whipped out my backup card.  Also declined.  So I crossed my fingers and swiped the debit card (same bank as my primary credit card).  It worked.  So, once I got settled at home, I called the second card and asked WTF happened.  "That charge was out of character for your regular spending pattern."  "I have no spending pattern with you.  I haven't charged anything on that card since May."  "Exactly."  :facepalms:  Called the first bank and told them to call me on my cell phone  before flagging my card so I'm not left standing there like a chump.  I have enough money there that they say "yes sir" and "of course sir" and "I'm so sorry this happened sir".  So far, they haven't flagged my card since then.

Of course, I'm only comfortable having a loose rein on that card because the bank sends me a text and an email any time there's a charge over $10.  Usually comes through before I've put my wallet away.
 
2014-01-10 05:25:39 PM
gifrific.com
 
2014-01-10 05:33:23 PM

spamky: [gifrific.com image 500x200]


You're late to that party dude.
 
2014-01-10 05:36:26 PM

Belias: Are we ready for Bitcoin yet?


I hope not. (http://tinyurl.com/n2qtsog)
 
2014-01-10 05:40:47 PM

Parthenogenetic: tricycleracer: The company now says that other kinds of information were taken, including mailing and email addresses, phone numbers and names.

Someone got into the loyalty program.  My email address isn't on my Amex stripe.

I got an email from Target about the breach, and was puzzled because I don't have a Target card.

Then I remembered the stuff I'd bought on Target baby and wedding registry lists.  D'oh.


That email may not have been from Target.  I hope you didn't click on any of its links.
 
2014-01-10 05:51:28 PM

ZeroCorpse: And meanwhile, I'm still here waiting for the USPS to deliver my replacement card which is about a week overdue. Apparently, travel across the country in the middle of a winter storm is enough to make the USPS lose things for several days.

What pisses me off about Target's deception is that they KNEW this breach happened a while ago, and they sat on that information, choosing to attempt to keep it quiet until after the holiday shopping was done. They were cornered into revealing it when the bulk of the shopping season was over, but even then they downplayed it, lied about the numbers of people affected, and offered a 10% off weekend to try to get people in for those last days of holiday shopping... If they had ANY integrity, they'd have let people know as soon as they'd confirmed it, but they didn't.

So now I'm rubbing two nickels together to pay for gasoline to get to work while I wait for USPS to deliver my new card, and I can only hope Target stores become like ghost towns because of this abuse of customers' trust.


My bank canceled my debit card last week but the replacement hasn't shown up yet.  They said it could take up to three weeks.

Thanks Target.  Find the IT person who didn't do his goddamn job and pound his testicles with a 3 pound sledgehammer.
 
2014-01-10 05:55:15 PM

acohn: Belias: Are we ready for Bitcoin yet?

I hope not. (http://tinyurl.com/n2qtsog)


"Individuals" is the wrong term for that article's conclusions.  Many of those top holders are very likely companies, such as exchanges and payment processors.  Care to hazard a guess at the number of "individuals" it would take to get to 50% of outstanding US dollars, if we allow corporations/banks/etc to be classified as "individuals"?

In contrast to you, I hope to be able to spend Bitcoin as easily as I do USD as soon as possible.  A purchase made today via Bitcoin at (for instance overstock.com) stands exactly zero chance of theft, no matter who hacks overstock's systems.  This is a paradigm shift from yesterday's payment systems.  It places the security of my finances in my control.
 
2014-01-10 06:04:18 PM
Lsherm:My bank canceled my debit card last week but the replacement hasn't shown up yet.  They said it could take up to three weeks.

Thanks Target.  Find the IT person who didn't do his goddamn job and pound his testicles with a 3 pound sledgehammer.



Target is committed to diversity in its workforce, and believes that woman have an equal right to pummeling by sledgehammers.
 
2014-01-10 06:07:10 PM

yakmans_dad: My wife's card information (obviously) was stolen, but when she asked her credit union about it she said the thieves hadn't used it.

Didn't send her a new card.

/Is that insane?
//or what?


My credit union sent a new card without me asking.
 
2014-01-10 06:15:48 PM

Lsherm: Thanks Target. Find the IT person who didn't do his goddamn job and pound his testicles with a 3 pound sledgehammer.


How about we find the thieves?
 
2014-01-10 06:17:05 PM

DrewCurtisJr: Lsherm: Thanks Target. Find the IT person who didn't do his goddamn job and pound his testicles with a 3 pound sledgehammer.

How about we find the thieves?


Them too, but why in the name of all that is holy were they storing PINs?
 
2014-01-10 06:17:40 PM
So anyone else thinking this is going to be the death knell of Target...? I mean it's not the end of the world, but this isn't exactly the happiest PR event ever conceived and will more than likely drive an awful lot of people away.
 
2014-01-10 06:37:41 PM

Snarfangel: Lsherm:My bank canceled my debit card last week but the replacement hasn't shown up yet.  They said it could take up to three weeks.

Thanks Target.  Find the IT person who didn't do his goddamn job and pound his testicles with a 3 pound sledgehammer.


Target is committed to diversity in its workforce, and believes that woman have an equal right to pummeling by sledgehammers.


Women in IT have to work harder and smarter than men because IT is overrepresented by men.  So it follows the IT person who farked up is a man.
 
2014-01-10 06:54:14 PM
Bought something at Target around Halloween, don't remember what.  Got mail a last week my card may have been compromised, to expect a new one in the mail, and my current one will be turned off in 4 weeks.  Got the new one monday, tested it tuesday, and chopped up the old one today.  So in 3 weeks I get to update my card info for all those bloody auto-pay things I have setup so I don't have to worry about paying bills.  I'm thinking this is a good time to let my newspaper sub die, in 3 years it's gone from $9.99/mo to $17.99.  They have never notified me of a price increase, they just do it.  Plus the paper sucks nowdays.

I think the effect on Target will be short lived.  In fact, I wouldn't be surprised if we find out other large retailers were also hit by the same attack.
 
2014-01-10 07:14:40 PM

Lando Lincoln: Okay okay okay. We really meant to say, "anyone that has ever shopped at Target in the past five years with a credit or debit card."


Also, anyone who has applied for a Target REDcard.  They've said that email addresses and other personal info has gotten out, not just debit/credit card info.

In addition to giving out your personal info right and left, then lying about it, they are also selling "gift cards" that don't do anything.  You give them money, they give you a cheap piece of plastic that simply does nothing.  It's a great gift for the person who has everything, since that person won't eve need to go buy anything.

They've done so much wrong, it looks intentional.  They've been lying about how many people were effected.  They started out with "They don't have your PIN information", then we learned they were lying about that.  So far, they have lied about each and every aspect of it until there was evidence that they couldn't cover up.

But that won't keep the board of directors from getting multi-million-dollar bonuses at the end of the year.
 
2014-01-10 07:17:26 PM

Snotnose: Bought something at Target around Halloween, don't remember what.  Got mail a last week my card may have been compromised, to expect a new one in the mail, and my current one will be turned off in 4 weeks.  Got the new one monday, tested it tuesday, and chopped up the old one today.  So in 3 weeks I get to update my card info for all those bloody auto-pay things I have setup so I don't have to worry about paying bills.  I'm thinking this is a good time to let my newspaper sub die, in 3 years it's gone from $9.99/mo to $17.99.  They have never notified me of a price increase, they just do it.  Plus the paper sucks nowdays.

I think the effect on Target will be short lived.  In fact, I wouldn't be surprised if we find out other large retailers were also hit by the same attack.


Looks like it's already happened.

http://krebsonsecurity.com/2014/01/hackers-steal-card-data-from-neim an -marcus/
 
2014-01-10 07:18:34 PM

jtown: Parthenogenetic: tricycleracer: The company now says that other kinds of information were taken, including mailing and email addresses, phone numbers and names.

Someone got into the loyalty program.  My email address isn't on my Amex stripe.

I got an email from Target about the breach, and was puzzled because I don't have a Target card.

Then I remembered the stuff I'd bought on Target baby and wedding registry lists.  D'oh.

That email may not have been from Target.  I hope you didn't click on any of its links.


Yeah, I thought about that too, since the header indicated the originating mail server was target.bfi0.com.  It turns out it was legit.   http://www.forbes.com/sites/jameslyne/2014/01/07/targets-latest-failu r e-and-how-to-spot-a-scam/

The email didn't contain any dodgy links or attachments.

Also, it was a verbatim copy of this:   https://corporate.target.com/discover/article/Important-Notice-Unauth o rized-access-to-payment-ca
 
2014-01-10 07:37:32 PM

Parthenogenetic: jtown: Parthenogenetic: tricycleracer: The company now says that other kinds of information were taken, including mailing and email addresses, phone numbers and names.

Someone got into the loyalty program.  My email address isn't on my Amex stripe.

I got an email from Target about the breach, and was puzzled because I don't have a Target card.

Then I remembered the stuff I'd bought on Target baby and wedding registry lists.  D'oh.

That email may not have been from Target.  I hope you didn't click on any of its links.

Yeah, I thought about that too, since the header indicated the originating mail server was target.bfi0.com.  It turns out it was legit.   http://www.forbes.com/sites/jameslyne/2014/01/07/targets-latest-failu r e-and-how-to-spot-a-scam/

The email didn't contain any dodgy links or attachments.

Also, it was a verbatim copy of this:   https://corporate.target.com/discover/article/Important-Notice-Unauth o rized-access-to-payment-ca


At this point, I wouldn't even trust Target to secure their web servers.  Their IT security appears to be total clown shoes.  Card swipers compromised at a national level, transaction history database compromised, sitting on the knowledge for weeks so people will unwittingly continue to shop at their stores.  Nuke the whole thing from orbit.  Time to show the American public that some companies  aren't too big to fail.  For fark's sake, they've mishandled private data of 1/3 of the nation and exposed 40,000,000 to risk of significant financial problems.  Shut it down.  Shut it down forever.

geekcentricity.com

I'm starting to feel bad that I spent almost a hundred bucks (cash!) there this week.  Only because they were the only store I could find that had what I wanted in stock.
 
2014-01-10 07:45:08 PM
Uh, plus your names, birthdates and emails. Uh, and your security questions.
 
2014-01-10 08:31:58 PM
40, 70, now 110 million accounts compromised... They clearly have no clue or incentive to reveal the true scope of this mess.

Target maintains data on more than just their "guests".  Who knows which or how many of their 'partners' have provided or sold Target consumer data such as name/address/email/phone/social security number information?  in bulk.  TransUnion previously sold information to fake companies then later labeled them 'hackers' when the data was misused (the data was sold by TransUnion).  My expectation is most banks & all three credit reporting agencies are selling much of this info not only to Target, but to EVERY data-miner that is willing to pay for it.  Even less scrupulous companies are also consolidating this information and selling it to anyone with a checking or bitcoin account.

Since we now know Target doesn't encrypt most of their guests' data (apparently only 4-digit pin numbers are encrypted), it's probably safe to assume most other multinational corporations also don't bother.  It costs money to encrypt & decrypt & adds hassle to parse so why bother - it hampers marketing efforts which affects shareholders' returns & furthermore there's no penalty for losing it other than bad PR.  If a company is unwilling to pay their own employees/associates a living wage, it's extremely likely they're also unwilling to introduce costs protecting 'guest' or prospective customers' personal information.

Sadly, consumers have no assurance Target or any corporation is protecting their data.  Corporations and government agencies are rushing to collect as much consumer data as possible with no regulations/laws, oversight, or limits concerning how it must or can  be protected, shared/sold, linked, destroyed, etc.  Consumers are as much the product as the 'guest'.

But my biggest concern with all this... WHY is Target storing all this information?  They don't need to store it to process payments.  So they intentionally decided to store it for another purpose.  They haven't stated any intention to stop storing it either.  So when will someone (news/media/Congress) ask them what they've been doing with it or detail what they can do with it?  It must be important to Target in some way to store data about every 'guest' or potential guest or they wouldn't incur any costs storing it.
 
2014-01-10 08:56:54 PM
monitise.

know the name, love the name.

with shiat like this it is a matter of time cc security in the states matches our counterparts in europe.
 
2014-01-10 09:01:02 PM
funny, I pay cash and nothing like this ever happens.

Interesting that 'they' are pushing for a cashless society, where all your money could be wiped out by hackers or magnets.
 
2014-01-10 09:02:48 PM

Iczer: So anyone else thinking this is going to be the death knell of Target...? I mean it's not the end of the world, but this isn't exactly the happiest PR event ever conceived and will more than likely drive an awful lot of people away.


I hope not... despite this, I've long preferred to shop at Target over Walmart or whatever other options are out there. The only reason I've only gone once in two years is that I have to drive an hour or be visiting relatives to be anywhere near a store. I do most of my 'not local' shopping on Amazon because of Prime, but that's because Target's web site has annoyed me for as long as I could remember.
 
Displayed 50 of 112 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report