Target Data Breach - Part Two Encrypted PIN Data Stolen
Hackers are already launching targeted attacks and are likely performing brute force attacks on the encrypted PIN numbers. Once both credit card and PIN# information is disclosed, hackers can register charges as desired. As shared earlier affected Target customers should change their PIN# immediately to reduce risks.
QUOTE: Target said criminals had made off with customers’ encrypted PIN information as well. But Target said the company stored the keys to decrypt its PIN data on separate systems from the ones that were hacked. Target customers’ credit and debit card data on the black market, where a single card is selling for as much as $100. Criminals can use that card data to create counterfeit cards. But PIN data is the most coveted of all. With PIN data, cybercriminals can make withdrawals from a customer’s account through an automatic teller machine. And even if the key to unlock the encryption is stored on separate systems, security experts say there have been cases where hackers managed to get the keys and successfully decrypt scrambled data.