Target (TGT) said Friday the number of customers affected by its holiday shopping data breach surged by as much 70 million more, from the originally reported 40 million, and the range of information broadened to include not just customer card information, but ‘guest information’ as well. The retailer reassured its customers this latest development is not part of a new breach, but was uncovered as part on the ongoing investigation. In addition to the already-known customer names, card numbers, expiration dates and the CVV three-digit security codes that were stolen, Target said the new information included in the breach now includes names, mailing address, phone numbers and email address for as many as 70 million customers, though there may be some overlap between the 40 million first reported and the additional 70 million.
The number of payment cards affected by the breach still stands at about 40 million, meaning the new figure includes even people who didn’t swipe cards. The non-card related information actually came from a completely different access point, a Target spokeswoman confirmed to FOX Business. That hole has since been sealed, she said. However, she wouldn’t comment on which system it was, citing the “ongoing investigation.” “I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” said Gregg Steinhafel, Target’s chairman, president and chief executive officer, in a statement. “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.” More