Methuen resident Kristen Novak said she was “horrified” when she found out about the possible data breach of 40 million credit and debit card accounts who shopped at popular retail chain Target.
“It’s a scary thing to think about,” she said outside the Target in Methuen yesterday.
The chain, known for its bright red logo, shopping carts and store decor, said that accounts of customers who made purchases by swiping their cards at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have been exposed. The stolen data includes customer names, credit and debit card numbers, card expiration dates and the three-digit security codes located on the backs of cards. The data breach did not affect online purchases.
Novak said when her husband found out about the incident he called her immediately knowing that she had shopped at Target during that time.
“I went there to shop but the lines were too long that day so I left and did shopping at another store,” she said. “I was kind of annoyed at the time about it but now I am so happy I did.”
The breach affected all cards, including Target store brand cards and major card brands such as Visa and MasterCard.
The Minneapolis company said it immediately told authorities and financial institutions once it became aware of the breach and that it is teaming with a third-party forensics firm to investigate and prevent future breaches. It said it is putting all “appropriate resources” toward the issue.
“It’s crazy to think about how this can even happen,” Novak said. “You are not expecting something like this when you go shopping.”
After the Massachusetts-based clothes retailer TJX experienced a major data breach, the Legislature passed a law requiring businesses to notify the Office of Consumer Affairs and Business Regulations and the Office of the Attorney General when informed of a data breach.