Tags: target | pin | data | stolen | breach

Target PIN Data Confirmed Stolen in Breach But It Was Encrypted

Image: Target PIN Data Confirmed Stolen in Breach But It Was Encrypted

Friday, 27 Dec 2013 02:58 PM

By Morgan Chilson

  Comment  |
   Contact Us  |
|  A   A  
  Copy Shortlink
In a reversal of its earlier position, Target announced Friday that PIN data was stolen when the company was hacked, but said the data is secure because it was encrypted.

In an exclusive story on Christmas day, Reuters quoted an anonymous official who said PIN data was hacked, but Target denied the information and said no unencrypted data was taken and PIN numbers weren’t compromised.

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

“This morning through additional forensics work we were able to confirm that strongly encrypted PIN data was removed,” the company said in a statement. “We remain confident that PIN numbers are safe and secure. The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.”

The company’s statement explained in detail that a PIN entered in a store is encrypted at the keypad with security called Triple DES. “Target does not have access to nor does it store the encryption key within our system,” the statement said, explaining that the key to access that data could not have been taken during the breach because the company doesn’t have it.

“The most important thing for our guests to know is that their debit card accounts have not been compromised due to the encrypted PIN numbers being taken,” the Target release said.

Password security consultant Per Thorsheim told CNN Money that it would be “difficult or impossible to decrypt” PIN numbers that were protected by the Triple DES security, depending on whether the payment processor’s key was “robust enough.” Target would not identify its payment processor.

With such encryption in place, it’s unlikely the PIN could be used to get money out of ATMs.

Customers who are concerned their debit card PINs may have been breached should call their financial institution to change their PINs and get new cards.

Editor's Note: ObamaCare Is Here. Are You Prepared?

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact Us  |
  Copy Shortlink
Send me more news as it happens.
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Retype Email:
Zip Code:
Privacy: We never share your email.
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus

Newsmax, Moneynews, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, NewsmaxWorld, NewsmaxHealth, are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved