Target said a massive payment card data breach during the holiday shopping season affected up to 70 million people, far more than previously estimated. Credit: Reuters
Target Corp. said Friday a massive payment card data breach that occurred during the first three weeks of the holiday shopping season affected up to 70 million people, far more than previously estimated.
In a statement, Target said an ongoing forensic investigation showed that certain customer information in addition to payment card data was stolen during the data breach.
The investigation showed that the stolen information included names, mailing addresses, phone numbers and email addresses.
"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," Chief Executive Gregg Steinhafel said.
Target plans to contact customers whose information may have been compromised.
"Guests will have zero liability for the cost of any fraudulent charges arising from the breach," the company statement said. "To provide further peace of mind, Target is offering one year of free credit monitoring and identity theft protection to all guests who shopped our U.S. stores."
The data breach was originally disclosed in mid-December, with the company estimating information from 40 million credit and debit cards was stolen between Black Friday and Dec. 15.