Reading:
Ripples from the 2013 Target data breach
Share:
debit or credit card details are exposed

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Ripples from the 2013 Target data breach

Data breaches have been on an upward rise for as long as I can remember, and the Target breach back in December 2013 was a part of that trend.

Between 27 November and 15 December 2013, U.S. retailer Target was subject to one of the biggest hacks that the industry has seen. Around 40 million customers’ credit/debit card information was breached; 70 million customer records were stolen; 1 to 3 million cards were sold and used in fraudulent transactions; £163 million was spent on reissuing cards that were compromised; and an estimated £46.8 million went straight into the cyber-criminals’ pockets. Monumental!

The cyber-criminals managed to implement malware into the POS system in around 1,800 stores, which caused 40 million customers to be vulnerable to fraud. In the days following the breach, Target proceeded to acknowledge the breach. The U.S. retailer said that the breach had been investigated and that customers’ names and card details had been accessed, and this included card expiry dates and encrypted security codes.

A deflection technique?

As the company noticed early reports of credit card fraud, they reportedly may have wanted to maintain their untarnished reputation and customer loyalty. One way they allegedly tried to do this was by offering their customers 10 per cent off pre-Christmas in-store purchases.

Following the Christmas season was then when they revealed that encrypted debit card pin numbers had been accessed, but assured their customers that the actual pin number was secure.

More details coming out of the woodwork post-breach

It’s still a mystery as to what Target knew and when they discovered the data breach itself. More details of the breach was revealed in January 2014, where the retailer admitted that 70 million customers had their personal records stolen. Personal information lost is thought to include addresses, telephone numbers, and email addresses.

Fear for information security

After the breach spilled into the news, many customers feared for their personal information security.

40 million card account holders represents a big portion of customers for a company. The general consensus was that “just about everyone knows someone who’s been a victim” of the 2013 Target breach.

This caused customers to question the security of using their debit cards in transactions. This was because fraudulent credit card transactions are easier to handle than fraudulent debit card transactions; where a criminal can drain the account.

New secure systems?

As a result of large-scale data breaches like the 2013 Target data breach, many card issuers in the U.S. adopted EMV technology in a bid to protect consumers and to minimise the risk of fraudulent activity.

EMV stands for Europay, Mastercard and Visa, and it’s a way of authenticating chip-card transactions. Prior to the 2013 breach, there wasn’t a rush in implementing the EMV system. However, post-Target breach, there was huge public and legislative support for the system. This EMV system was also heavily endorsed by politicians as well.

Many security experts were of the opinion that EMV alone didn’t provide adequate security. Tokenisation is a method which substitutes sensitive data that the cyber-hackers have had access to, but making it impossible for the cyber-hackers to actually use that information. Tokenisation would have prevented “aftershocks” of the Target data breach.

One-step ahead

Though there are more sophisticated cybersecurity methods such as EMV and tokenisation, hackers will always find techniques to exploit them. This is why retailers and companies should stay one-step ahead and try to keep on top of their security.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon