The Target Security Breach in Context
NEW YORK (TheStreet) -- So what happened at Target
Target shares came under pressure after the company announced a security breach that exposed up to 40 million card numbers to thieves between Thanksgiving and last Sunday.
The stolen data included customer names, card numbers, expiration dates and the Card Verification Value (CVV), a three-or-four digit code often used to verify a card's legitimacy.
These data are sometimes called "track data" within the industry. They are encoded in the magnetic stripe on the back of the card. The CVV acts as a "checksum" on the other numbers, allowing encrypted data to be read.
These data are supposed to be scrubbed from systems as soon as a transaction is processed, according to rules set by large processors such as Visa
Because this leak did not affect the company's Web store, the hackers probably broke into a data line running from the stores to Target, from someone collecting transactions for Target to Target, or from Target to its own card processors.
This is the biggest retail card breach since TJX Companies
TJX stock weathered the 2007 breach well, something investors selling Target today might want to consider. The shares are up more than threefold since the breach was reported, and that includes a sharp fall during the Great Recession.
Shares in other companies suffering breaches, including processors Heartland Payment Systems
Since card processing has been going on for decades, many of the systems being used are based on IBM
Another way to improve security is through so-called "chip and PIN" cards, which include a data-filled chip rather than a simple magnetic stripe. They are now being rolled out through cards often used for European travel, including the American Express