WASHINGTON — Investigators believe that overseas hackers were responsible for the cyber attack on U.S. retailer Target Corp. that compromised up to 40 million payment cards during the first three weeks of the holiday shopping season, a person familiar with the matter said on Friday.
The person, who was not authorized to talk publicly about the matter, said that government investigators do not believe that the hackers had inside help.
The source declined to say how the hackers got in or where investigators believe they are based, saying investigators don’t want to show their hand to the criminals or afford them a chance to destroy evidence.
Meanwhile the blogger who first broke news of the breach, Brian Krebs, reported that data stolen from Target had begun flooding underground markets that sell stolen credit cards.
KrebsOnSecurity.com reported on Friday that cards stolen from Target were being offered at “card shops” for rates starting at $20 each and going to more than $100.
A Secret Service spokesman declined comment on the investigation, which the agency is running.
The retailer reported the breach on Thursday, a day after Krebs broke news of the attack. Target has declined to say how its systems were compromised and has provided few other details about the case.
Spokesman Molly Snyder released a written statement on Friday that downplayed the initial impact from the incident.
“To date, we are hearing very few reports of actual fraud, but are closely monitoring the situation,” she said.
She said the stolen information was limited to data stored on the magnetic strip.
The hackers did not obtain PIN numbers used to access ATMs or the three or four-digit security codes that are printed on cards to verify online purchases, Snyder said.
She said Target has provided exposed card numbers to Visa, MasterCard, Discover and American Express. Those companies are in turn providing the information to the financial institutions that issue them.