SAINT PAUL, Minn. – The security breach that hit Target stores in November and December may have impacted other retailers as well. NBC News reports that hackers may have infected a number of unnamed stores with similar malware as that which infected Target's checkout lanes.
A Twin Cities computer security expert said that the Target debacle may force industry leaders to kick American credit card security into the new millennium. U.S. credit and debit cards rely on magnetic strips on the back of the card for security checks. Newer technology uses computer chips embedded in the card.
"And in Europe," said William McGeveran, Associate Law Professor at the University of Minnesota, "you have chip and pin, which is both the (computer) chip inside the card and personal identification number (PIN) that you key in at the cash register."
McGeveran said even the chip and pin concept, using two security factors instead of one, may be outdated.
"Having been late to chip and pin, maybe it is time for us to go to the next generation of what is going to come after that," said McGeveran. "There are a lot of different ideas about what that might be, but it is probably going to be two factors, not one."
NBC's report includes comments from computer security experts that a malware virus, partly written in Russian, with the codeword "KAPTOXA", has been called innovative and remarkable by experts. It is feared the virus may have already infected an unknown number of retail outlets beyond the Target attack.
"Target is just the tip of the iceberg," said Jim Stickley, computer expert in NBC's report, "Personal information is being stolen as we speak and people are not doing anything yet to stop it."
TCF Bank has joined Citibank and JP Morgan/Chase in replacing credit and debit cards of any customers who shopped at Target during the time the malware was active, the day after Thanksgiving to December 15, 2013.