Target: Hackers took encrypted PIN data

Target: Hackers took encrypted PIN data

Target Corp. said the cyber-crooks who hacked their way to approximately 40 million customer credit and debit card accounts during the holiday season accessed “strongly encrypted” PIN information.

Still, the retailer said Friday that it remains “confident that PIN numbers are safe and secure.”

The PIN data is encrypted as it’s entered by a customer at a keypad at checkout, protected with what’s known as Triple DES encryption, according to Target.

The PIN information stays encrypted within Target’s system and “remained encrypted when it was removed,” the Minneapolis-based company said.

The code can only be cracked when the data is received by Target’s external, independent payment processor, according to the retailer.

target“What this means is that the ‘key’ necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident,” the company said Friday.

The retailer didn’t address the possibility that hackers…

View original post 127 more words


Comments are closed.