SACRAMENTO, USA - SEPTEMBER 23:  Target store on September 23, 2On Thursday, Target Corporation confirmed reports that the company’s security systems had been breached, allowing hackers access to up to 40 million credit and debit card accounts. Consumers who shopped at Target stores, not the retailer’s online website, between November 27 and December 15 may be affected.

Target said in a press release that it began investigating the incident as soon as it was discovered, including contacting credit card issuers, financial institutions and the authorities. Target did not specify how it was hacked, but security experts believe hackers targeted the retailer’s point-of-sale system, either by slipping malware into the terminals or collecting customer data as it made its way to credit card processors, CNN reported.

A day after the announcement, cyber-security reporter Brian Krebs, who broke the initial story, announced he had already tracked down counterfeit cards made using information stolen in the Target breach. He said the cards have been flooding underground black markets, selling for $20 to $100 per card.

While the retailer stressed that only in-store customers were affected and outside sources no longer have access to their systems, what does this mean for you if you were shopping at Target for a good deal ahead of the holidays?

What Information Was Stolen?

The information stolen in the breach includes customer names, credit and debit card numbers, card expiration dates and CVV codes. Home addresses and CVV2 (the three or four digit security code on the back of cards) were not stolen, as they are not stored on the cards’ black magnetic strips. While initial reports feared thieves also gained access to customers’ PIN numbers, Target reported that PIN numbers were not obtained.

This information can and has been used to reproduce counterfeit versions of the cards to make fraudulent purchases.

Was I Affected?

If you shopped at Target with a debit or credit card during the affected time period, you should receive a paper notification from Target in coming days.

You can also call Target directly at 866-852-8680. Target REDcard holders were also affected, as well as shoppers at all 1,800 stores in the United States. If you believe your information could have been stolen, continue reading to learn what you should do.

Debit Cards have Reduced Fraud Protection

Federal protections differ between credit cards and debit cards. While credit card users’ exposure is capped at $50 if they report the fraud within 60 days, debit card users do not enjoy such strong protection, and the account balance is much more vulnerable.

“If you used a debit card rather than a credit card at Target during the affected time period, it’s a good idea to contact your bank and cancel the card. “ says Christine Layton, an expert at

J.P. Morgan Chase has announced that they have lowered the daily withdrawal and purchase limits for customers whose cards were affected by the breach. This is only expected to be a temporary measure while new cards are being issued.

Be Vigilant for Signs of Fraud

In breaches this large, more credit cards are stolen than thieves can use. It’s estimated that about 5% of the cards stolen will be used, or about 2 million cards.

Check your credit card statement or bank statement for any fraudulent activity. Remember that identity thieves will not necessarily make large, noticeable purchases; many try to make smaller purchases over a long period of time that you are less likely to notice.

Report fraud or suspicious activity to your bank or credit card issuer immediately. You can also sign up for fraud monitoring service, which is usually free, as it may take months to notice any signs of fraud.

You can also report detected fraud to the Federal Trade Commission by calling 1-877-438-4338 or online here.

If you know you have been the victim of fraud or identity theft, it’s recommended that you place a fraud alert on your credit report, which is free and active for 90 days. This will make it more difficult for thieves to open new accounts in your name by requiring companies verify your identity before issuing credit.

Protecting Yourself from Data Breaches in the Future

You’re probably wondering, is there any way to protect your card information from any breaches in the future? Unfortunately, the only solution is to always use cash.

This is only the latest incident in which data has been accessed, despite banks and retailers spending millions to safeguard systems. Any company may be a victim of a similar data breach in the future, and there have been 600 breaches this year alone.

If you don’t want to carry around a lot of cash, or you want to shop online, the safest move is using a credit card to enjoy greater fraud protection and keep the money sitting in your checking account safe.