Target issued U.S. customers a blanket 10 percent off over the weekend of Dec. 21 and 22 as part of its apology for a security breach that resulted in the unauthorized access to some 40 million customer credit and debit cards.
The offer was limited to in-store transactions, and one transaction per customer.
Meanwhile, Brian Krebs of Krebs on Security, the blog that first broke the story of the security breach, said that some of the stolen card numbers are already being sold online.
The pilfered card numbers, which were used on transactions that occurred at Target between Nov. 27 and Dec. 15, 2013, “have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card,” Krebs wrote.
But a message from Target chairman and CEO Gregg Steinhafel tried to play down possible problems.
“We want our guests to understand that just because they shopped at Target during the impacted time frame, it doesn’t mean they are victims of fraud,” he wrote. “In fact, in other similar situations, there are typically low levels of actual fraud. Most importantly, we want to reassure guests that they will not be held financially responsible for any credit and debit card fraud. And to provide guests with extra assurance, we will be offering free credit monitoring services.”