Target says that customers' encrypted PIN data was removed during the data breach that occurred earlier this month.
The company issued a statement Friday that additional forensic work has shown that encrypted PIN data was removed along with customers' names and card numbers. But Target says it believes the PIN numbers are still safe because the information was strongly encrypted. It says the PIN can only be decrypted when received by its independent payment processor.
A PIN is the personal identification code used to make secure transactions on a credit or debit card.
Data connected to about 40 million credit and debit cards used at Target were stolen between Nov. 27 and Dec. 15.
Minneapolis-based Target says it is still in the early stages of investigating the breach.
(Copyright 2013 by The Associated Press. All Rights Reserved.)
JPMorgan Chase is easing restrictions it placed on customers who used debit cards at Target stores during a massive credit and debit card security breach at Target stores, the company told customers Monday.
Target revealed last week that about 40 million accounts used to pay for purchases at its U.S. stores from Nov. 27 to Dec. 15 "may have been impacted" by the breach.
Chase, the nation's largest bank, and Citibank imposed limits on cards that were affected — in Chase's case, restricting withdrawals to no more than $100 a day in cash and $300 in purchases.
In a letter to customers, Chase said Tuesday that it was raising those limits to $250 a day in cash and $1,000 a day on purchases.
Chase said it was making the change after monitoring fraud activity over weekend and may continue changing the limits "if we feel it makes sense."