One of the nation’s leading big box retailers, Target, had its in-store payment systems compromised for more than two weeks, resulting in the possible theft of approximately 40 million credit and debit card accounts, the retailer said.
The intruders breached Target’s systems between Nov. 27 and Dec. 15. The breach occurred just two days before shoppers flooded Target stores nationwide to grab Black Friday deals. Target locations nationwide also opened Thanksgiving evening (Nov. 28).
Krebs on Security, a security blog, was the first to report the breach, which was later confirmed by Target on Thursday. The report said nearly all Target locations in the country may have been affected, citing sources.
Long Island is home to 14 Target stores, four in Nassau County—Hicksville, Levittwon, Valley Stream, Westbury—and 10 in Suffolk—Bay Shore, Central Islip, two in Commack, Copiague, Farmingdale, Huntington Station, Medford, Riverhead, South Setauket.
In a statement, Gregg Steinhafel, Target’s chairman, president and CEO, said “we moved swiftly to address this issue, so guests can shop with confidence.”
“We regret any inconvenience this may cause,” he added.
Target did not say how the intruders were able to gain access to its system.
The U.S. Secret Service is reportedly investigating the breach.
Target said it alerted authorities and financial institutions impacted by the attack on its systems after it was made aware of the incident. The retailer said its also working with a third-party forensics firm to investigate the breach.
The company advised shoppers on its website to review account statements and contact financial institutions if they suspect fraud.