

Sources: Target Investigating Data Breach - tshtf
http://krebsonsecurity.com/2013/12/sources-target-investigating-data-breach/

======
panarky
I just checked an account recently used at Target, and it had about $800 in
fraudulent charges made in the last couple days.

Called the bank, cancelled the card. This is becoming almost routine, the
third breach of my personal accounts in two years.

I wonder why learning algorithms aren't preventing more fraud. My card has a
very clear pattern of use -- locations, merchants, etc. The fraudulent charges
are invariably in distant cities, at merchants I've never patronized.

Yet occasionally the bank will take the initiative and shut off an account for
suspected fraud -- for charges made within 2 miles of my home, and merchants
I've done business with for years, etc.

With petabytes of transaction and fraud data, why can't they build more
intelligent fraud detection?

~~~
sehrope
Another option is to monitor your accounts yourself. Most credit card
companies allow you to setup email/sms alerts for charges (or charge
attempts). This gives you an immediate notification if unauthorized charges
appear rather then logging in and checking it every so often.

Another advantage of this approach is that for most legitimate charges the
email comes right after you used the card when you'll remember the specific
details( _ie no trouble remembering lots of small purchases at the end of the
month_ ).

------
tannerc
"It’s not clear how many cards thieves may have stolen in the breach. But the
sources I spoke with from two major card issuers said they have so far been
notified by one of the credit card associations regarding more than one
million of cards total from both issuers that were thought to have been
compromised in the breach."

Well crap.

------
dmix
This is the third time Target has been the target of hacking in the last
couple of years, after they previously had their POS systems hacked in 2009:

[http://storefrontbacktalk.com/securityfraud/j-c-penney-
targe...](http://storefrontbacktalk.com/securityfraud/j-c-penney-target-added-
to-list-of-gonzalez-retail-victims/)

And their customers account info leaked last year:

[http://blogs.villagevoice.com/runninscared/2011/04/huge_emai...](http://blogs.villagevoice.com/runninscared/2011/04/huge_email_hack.php)

------
chaz
Secret Service is now investigating:
[http://arstechnica.com/security/2013/12/secret-service-
inves...](http://arstechnica.com/security/2013/12/secret-service-
investigating-alleged-credit-card-breach-at-target/)

This could turn out to be a big deal, especially if debit cards and PINs were
compromised.

------
pasbesoin
This deserves a bit of context, as many U.S. and Canadian members may either
be affected or have family and friends who may be:

 _Nationwide retail giant Target is investigating a data breach potentially
involving millions of customer credit and debit card records, multiple
reliable sources tell KrebsOnSecurity. The sources said the breach appears to
have begun on or around Black Friday 2013 — by far the busiest shopping day
the year.

According to sources at two different top 10 credit card issuers, the breach
extends to nearly all Target locations nationwide, and involves the theft of
data stored on the magnetic stripe of cards used at the stores..._

------
lhgaghl
Can someone just make some data visualization of corporations getting hacked
and to what extent, e.g what kind of data was leaked - private messages,
health info, credit card, passwords, etc. Methods used for infiltration should
be listed too. Getting tired of reading 5 articles a day on how huge site X
got hacked. It would be good to just be able to look at a graph and see some
peaks once in a while, click on them for detailed info about the breach. Such
a site would be useful for backing up arguments.

~~~
ars
Sounds like you just volunteered.

