Attention Target Shoppers: Credit Card Data Stolen

If you shopped at a Target store between November 27th and December 15th (which of course you did) and used a credit or debit card of any kind (which of course you did), then your card data may have been compromised, and you should check your accounts for suspicious activity.

Happy Holidays!

I’m trying to decide if I proactively ask for a new card, or if I just keep watching my account (for how long?) for suspicious activity. I’m leaning towards the first, after the New Year.

I stopped at the bank after work to speak with a banker. When I was told that if my card was used illegally, that my account could be overdrawn, my mind was made up. My new debit card will arrive in 7-10 days. Until then, I montor my account, and try to remember the places that I’ve allowed access to automatic debits. ( gas company, etc…)
Also, I’m glad I made an old-fashioned visit to the bank, as the banker mentioned I-pass as an example of someone that may need to be notified. I do indeed need to notify I-pass and would have completely forgotten that one!

Well son of a bitch, that’s probably how my card number was stolen a couple of weeks ago.

I had the worst luck two weeks ago, I hit a deer with my car, too it to get fixed and tried to rent a car. My credit card was declined, they started asking me if I had tried to buy $1700 worth of stuff from Sweden! Since they had already shut down my card I had no way to rent a car. I’ve been wondering how my card got compromised like that, that’s the most likely answer.

All the more reason to never ever use a debit card if you have access to credit cards.

I’m just glad it’s not Walmart or we’d never hear the end of it from the haters.

…and today I got a phishing email ostensibly from Target… except all the links in the email went to some other site…

Were the links to “”, with really long strings of characters afterward? That appears to be a legitimate email, and the links do indeed go to I recently signed up for their discount notifications and got a confirmation email right after, so I was fairly certain it was legit, and I went ahead and clicked through. But I checked the links just now, and they do look weird, as I described.

Amazingly, the local Target was still pretty crowded this morning - I thought it would be a ghost town. Lots of people paying with cash though.

I found another article on this theft:

Previous articles had said credit card information was stolen; this article makes clear those numbers are for sale at online markets dealing in stolen credit cards. So very definitely if you purchased anything at a Target store using a credit card from Nov. 27 and Dec. 15 you need to monitor your credit card account for suspicious activity.

I think it likely that after the holidays a lot of these cards will be replaced.

The same damn thing happened at Schnucks like not even a year ago. What the fuck. And there was some stupid confusion because I went and got a new card from my bank, but somehow didn’t do it the way they wanted, so they canceled my card out of the blue a little bit later and I had to get ANOTHER new card. Looks like I get to do it again.

Why bother? If it’s a credit card, you won’t be responsible for any fraud on it. Well, technically you could be asked to pay the first $50 of it, but if you tell the bank you’ll cancel the card if they make you pay, then generally the bank will even take care of that $50 for you; they’d rather have your continued business.

Skip the hassle. Just keep an eye on your monthly statement (which you always should be doing anyway), and on the off-chance that something weird pops up, give your bank a call.

The news piece I saw said that although several million card numbers were stolen, only a small percentage of them will ever be used for fraudulent purposes. So if there’s only a 5% chance your card will get used, and you won’t be responsible for the mess anyway, why give yourself all that work?

OTOH, if you used a debit card, you probably ought to check with your bank to see what their fraud policy is. If they say it’s gonna be on you, then yes, change your card ASAP.

It would render the old number unusable, so if you feel like doing your civic duty— the cost of fraudulent charges does get spread around to consumers, ultimately— or just feel like sticking it to the dickhead hackers, it’s a tactic to consider.

My wife and I have three cards that were used during the period in question. No suspicious charges so far; still considering whether to get new cards or take your approach.

So they’re giving a whopping 10% this weekend, and I haven’t seen the restrictions–are there any? Or many?

10% is just a crap move, IMHO. Hell, they could have sucked every bit of last minute money out of the hands of the late shoppers if they’d made it even 20%. And be ahead.

Not sure what your reasoning is, here. You aren’t responsible for fraudulent charges if you report them quickly. And debit/credit card numbers are equally easy to steal and use.

Just get new cards. The threat of having your card numbers used “sometime” will never go away until they expire and are reissued. I work at a bank, and we’ve been told to advise customers to watch and wait,** only **because it makes less work for us. Waiting on new cards to arrive is a minor inconvenience compared to the thought of watching your statement like a hawk for the next few years. Nobody wants the worry hanging over their heads of a scammer possibly running up a huge bill at their expense.

I don’t shop at Target, so luckily I don’t have to worry about this. But if you did, get a new card whether you notice any suspicious activity or not. I sure as shit would.

And ask Experian or one of the other credit reporting sites to put a fraud alert on your account. Experian. in my case, is advising the other 2 credit bureau automatically, so it was quick and easy.

The problem is if you only have one payment method available in your wallet/purse and suddenly out of the blue that payment method is shut down because of credit card theft problems, you have problems.

Plus, my current card doesn’t expire for 2 years. Do I really want to spend the next 2 years worrying that I might have my card number used by someone else? I’d rather ask for a new card in 2 weeks, switch over all my autobill stuff, and be done with it.

While you’re getting things sorted out with the bank, do you want your money screwed up and potentially inaccessible, or someone else’s money screwed up?

Why ? Your identity hasn’t been stolen, they don’t have the information to apply for a new credit account. Just the information physically on your credit card. Which is Name, Number, CVV (not CVV2 - that is on the back). The Krebs article says the card #'s are being sold with the Target store location as well, so they have your state and your/a nearby zip code as well. Not enough to apply for a credit card, so the credit bureau fraud alert won’t help you at all. The places who should be livid about this breach and the fact that they aren’t replacing all the cards immediately are someplace like Walmart, Best Buy, etc, who are going to get hit with huge fraud from clones of stolen cards.