The bad news continues for Target. The “Expect More. Pay Less.” company says up to 70 million customers had their personal data compromised during the holiday shopping season. The stolen information includes names, mailing addresses, email addresses and phone numbers of customers who shopped in the store from November 27 to December 15.
Target previously reported 40 million customers had their financial data taken, including credit and debit card numbers, expiration dates, and security codes. All together the breach could affect up to 110 million customers, though the company says there is likely overlap between the two groups.
While Target promises customers will not be liable for fraud associated with the data theft, the incident is taking its toll on business. The Minneapolis Star Tribune reports the company had a slower than expected holiday haul and is closing eight stores in its 1,800-unit chain, the largest shutdown in recent memory.
The Star Tribune also notes the company has struggled to stay ahead of the curve regarding the details of theft:
To date, little fraud has been reported related to the breach. But since it was initially announced in Dec. 19, Target has twice been forced to acknowledge that more information got out than it thought. On Dec. 27, Target said that customers’ PIN numbers were exposed.
The company, along with the Secret Service and the U.S. Justice Department continue to investigate the breach.