Target's Word May Not Be Enough to Keep Your Stolen PINs Safe | WAMU 88.5 - American University Radio
Filed Under:

Target's Word May Not Be Enough to Keep Your Stolen PINs Safe

Play associated audio

The giant retailer Target continues to feel the fallout from a massive security breach at its stores. The latest revelation: Hackers who stole credit and debit card numbers this holiday season also collected encrypted personal identification numbers.

But Brigitte Clark had no worries as she left a Target in Los Angeles on Saturday morning, her cart full of groceries.

"I feel about as safe as we can be," she says. Things like Target's security breach just happen, she says, but she'll keep shopping.

"I mean, I'm gonna check my accounts, like I always do on a daily basis, which is what everybody should be doing," Clark says. "I have not changed. I have always checked my accounts daily. The hackers are on it, so we have to be on it."

In a statement, Target says the stolen PINs were encrypted, so they're safe. They say the only people that could decrypt the PINs are at Target's external, independent payment processor. Stuart McClure, CEO of computer security company Cylance, isn't buying it.

"To me, that's fantasy," McClure says. "I'm not quite sure what makes them think that."

He says the stolen PIN data can be decrypted by the hackers. They can conduct what's called "brute-force decrypting" if they've got the right tools and the time.

"It just depends on how determined the adversary is, and how committed they are to performing the fraud," he says. "You're probably talking about weeks or months."

McClure does have advice for people who shopped at Target during the dates in question.

"Either change your PIN now or just be hyper-vigilant about your account and all the withdrawals that are coming out of your bank," he says.

Outside the Los Angeles Target, shopper Sam Choi says he feels safe shopping there. He only uses a credit card, which doesn't require a PIN. Choi does think someone should be punished, though.

"Is this Target's fault?" he says. "I mean, somebody in their IT department probably needs to get fired, but that's about it."

Target stock has been down since news of the hack. To keep customers in stores, it instituted a 10-percent sale on all items the weekend before Christmas.

The company's quarterly results should come out in February. Those numbers might offer a clearer view into just how this episode will affect the company's bottom line.

Copyright 2013 NPR. To see more, visit http://www.npr.org/.

NPR

Snubs And Successes: 6 Lessons Learned From This Year's Emmy Nominations

HBO's Game of Thrones emerged as the most-nominated series with 19 nods for the Primetime Emmy Awards, but new series such as FX's Fargo and HBO's True Detective scored, too.
NPR

'Captain Pizza' Saves The Day, But Doesn't Save Himself A Slice

A pilot found himself hungry during a midflight delay. But instead of just buying a pizza for himself, he bought 50 pizzas for the entire Frontier Airlines plane.
NPR

Administration Officials Defend Funding Request To Stem Border Crisis

President Obama has asked for $3.7 billion to deal with the southern border crisis. There are predictions the number of unaccompanied children entering the U.S. could reach 90,000 by October.
NPR

A New Device Lets You Track Your Preschooler ... And Listen In

LG's KizON wristband lets you keep tabs on your child. But some experts say such devices send the wrong message about the world we live in. And the gadgets raise questions about kids' privacy rights.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.