Cyber criminals swiped sensitive information from more than 40 million cards used at Target retail stores in the US and Canada between November 29th and December 25th of this year. According to the cyber-security blogger who first broke the story, the cards are now being sold in bundles of one million, reports the Los Angeles Times.
They are allegedly priced anywhere from $US 20 to $US 100 dollars per card. While CNN reports the stolen information could be worth as much as US $800 million, it notes the thieves are likely to get away with only “hundreds of thousands” of dollars as banks race to shut down compromised accounts.
The retail store security breach is one of the largest since 2007, when information from 90 million accounts was stolen.
Daniel Tobok, the managing director of cyber security firm TELUS Security Solutions, said that hacking has transitioned into “highly sophisticated organized crime, which is very lucrative business” reports CNN.
Target is working with the US Secret Service to investigate the hacking.
Cyber security expert Rodney Joffe told CNN that Target's information security is strong, “and if a breach of this magnitude can affect them, it can really affect anyone.”
According to CNN, more than 20 lawsuits have already been filed against Target for negligence.
