NEW YORK (CBSNewYork) — Target on Tuesday denied a report claiming that personal identification numbers were also stolen in a data breach that affected up to 40 million credit cards.
A Reuters report Tuesday quoted “a senior payments executive familiar with the situation” as saying data hackers stole encrypted PINs. A major U.S. bank feared that thieves could use the codes to make fraudulent withdrawals from strangers’ bank accounts, the executive told Reuters.
But Target said the evidence did not show that anything PIN thefts had happened.
“To date, there is no evidence that unencrypted PIN data has been compromised. In addition, based on our communications with financial institutions, they have also seen no indications that any PIN data was compromised,” Target said in a statement. “Our priority continues to be the security of our guests and we are working around the clock to address this issue.”
Last week, the retailer had revealed that more than 40 million accounts had been hacked between Nov. 27 and Dec. 15.
The retailer has since become the subject of an investigation by the Department of Justice and theSecret Service. The retailer even released photos of the company’s chief executive officer and executive team meeting to discuss the breach.
However, Target’s response has not been enough to keep shoppers from taking legal action, even after it offered free credit monitoring for those affected. The company is now facing class-action lawsuits, accusing it of failing to “maintain reasonable security procedures and practices,” CBS 2’s Steve Langford reported.
Target reiterated Monday its responsibility in dealing with the breach, telling CBS 2 “It’s most important for our guests to know they will bear absolutely no liability for any fraudulent charges as a result of this breach.”