Target, the US chain store, has confirmed this week that it is aware of substantial unauthorised access to its payment card data.
Around 40 million credit and debit card accounts may have been impacted between November and December this year.
Customer data, including credit and debit card numbers, full names, expiration dates and security codes, have all been potentially leaked.
Target, in a statement, wrote that it alerted authorities and institutions immediately after it was made aware of the unauthorised access. Even so, it has warned customers to check bank statements thoroughly for purchases made by hackers using stolen data.
"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause," said Gregg Steinhafel, chairmen, president and chief executive officer of Target.
On the Black Market
The US Secret Service has confirmed its working with Target as it investigates the cause of the breach and attempts to track down the cyber-criminals responsible. Target is partnering with a leading third party forensics firm to conduct a thorough investigation of the incident.
Since the hack, authorities are seeing a ten to twentyfold increase in the amount of high-value credit cards on the black market, where they are being sold for around $50 (£30, AU$56).
With 40 million affected customers, the Target breach isn't far behind the largest ever credit card data breach in US history, when hackers managed to make off with 46 million credit card details belonging to TJ Maxx and Marshalls customers.
Minneapolis-based Target Corporation serves customers at 1,921 stores - 1,797 in the United States and 124 in Canada.