40 million credit, debit card accounts breached: Target

US retail chain Target said a data breach might have affected  around 40 million credit and debit card accounts. The data breach occurred just as the holiday shopping was picking up.

According to the retailer, customers who made purchases by swiping their cards at terminals in its US stores between 27 November and 15 December, might have exposed their accounts.

The stolen data included customer names, credit and debit card numbers, card expiry dates and the three-digit security codes at the back of the cards.

According to the company, the data breach did not affect online purchases.

The stolen information included Target store brand cards as also major card brands such as Visa and MasterCard.

"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause," chairman, president and CEO Gregg Steinhafel said in a statement yesterday.

According to the Minneapolis company, it immediately informed authorities and financial institutions once it became aware of the breach and that it was teaming with a third-party forensics firm to investigate and prevent future breaches. The company added, it was putting all "appropriate resources" toward the issue.

According to a Los Angeles Times report, a multibillion-dollar industry had emerged to profit from the buying and selling of perfectly legal consumer data, regardless of whether consumers had given permission of their supposedly confidential information to be sold on the open market.

A leading privacy advocate, told Congress on Wednesday that professional data brokers were selling lists of rape victims, people with HIV or AIDS and even police officers' home addresses to marketers.

According to Pam Dixon, executive director of the World Privacy Forum, few people knew that data brokers existed and beyond that few knew what they did.

She added even a knowledgeable consumer lacked the tools to exercise any control over his or her data held by a data broker. She said, it did not matter that the data was about the consumer, the data broker had all the rights, and the consumer has none.

Lazarus says, digital technology had brought many advances to the world, but all those bits and bytes had become low-hanging fruit for legal and illegal enterprises eager to exploit the ready availability of information about where people lived, what they bought, who their friends were and how they lived.