Associated Press reports that an email sent to roughly 70 million Target customers who may have been affected by a pre-Christmas data breach is causing panic among those who fear it could be an attempt to victimize them again.
Target says the email - which offers free credit monitoring services to potential victims of the breach - is legit. But consumers have been on edge since news of the data breach broke last month. And they've been warned to be on alert for possible follow-up attacks that could come in the form of phishing emails, electronic messages designed to implant malicious software on their computers or draw them to websites that prompt them to enter personal information. So when Target's email began circulating earlier this week, many recipients questioned its authenticity. The email was especially suspicious to people who say they haven't set foot in a Target store in years.
Jim Reid, 60, of Minneapolis says he was a little nervous about clicking on the link in the email and he questioned whether it was a good idea to send Target even more personal information when they were unable to protect it in the first place. "There's too much uncertainty," Reid says. "They keep changing what they're saying about how many people were affected, about what kinds of information were stolen. It's obvious that they really don't know."
According to Target, hackers stole data related to 40 million credit and debit card accounts and also pilfered personal information, including email addresses, phone numbers, home addresses and names of as many as 70 million customers. Target spokeswoman Molly Snyder says it's those 70 million people that Target contacted by email. And while Target believes the theft of the roughly 40 million debit and credit card numbers only affected cards swiped between Nov. 27 - Dec. 15, the 70 million people whose personal information was stolen could have last shopped at a Target store months - or even years - ago.
Meanwhile, consumers are right to be wary of emails purportedly sent by Target. Snyder says that in recent weeks the retailer has stopped more than a dozen operations that sought to scam breach victims by way of email, phone calls, and text messages. Target says all of the letters it's sending to shoppers are posted on the company's website, along with information about what customers need to do to sign up for Target's free credit monitoring. Shown here is a screen capture of the email as it appears on Target's blog, A Bullseye View.
Snyder confirmed that the information gathered for the free service won't be used for marketing purposes. While shoppers are offered the option of continuing the monitoring service after a year, they won't be automatically re-enrolled in the service or receive a bill.