The hackers who compromised up to 40 million Target credit and debit cards also manged to steal encrypted personal identification numbers, according to Reuters.
Target suffered a major security breach when hackers targeted the big-box chain’s point-of-sale systems between Nov. 27 and Dec. 15. The hackers gained access to customer names, card numbers, card expiration dates, three-digit security codes and now PINs.
Some banks have taken precautionary steps over fears that PINs have fallen into criminal hands. JPMorgan Chase & Co and Santander Bank have set withdrawal limits on ATMs and at stores over security fears.
Target is working with federal authorities, financial institutions and a third-party forensics firm to investigate the massive data breach.