NEW YORK, N.Y. – Target says that personal information — including phone numbers and email and mailing addresses — was stolen from as many as 70 million customers in its pre-Christmas data breach. That was substantially more customers than Target had previously said were affected.
The chain also indicated its sales have been hurt by the breach, cutting its forecast for fourth-quarter earnings and a key sales barometer.
Its stock slipped in early morning trading Friday.
Target Corp. announced in December that about 40 million credit and debit cards may have been affected by a data breach that happened between Nov. 27 and Dec. 15 — just as the holiday shopping season was getting into gear.
But the net has now been cast wider, with more shoppers potentially impacted.
The company told customers Friday that its ongoing investigation of the breach has shown that more personal information had been stolen than it was aware of before and more customers were affected. It previously disclosed to customers that names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards had been stolen.
“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” Chairman, President and CEO Gregg Steinhafel said in a statement.
The company said customers won’t be liable for the cost of any fraudulent charges that stemmed from the breach.
Target said it will try to contact customers it has email addresses for to provide tips on how to safeguard against consumer scams. The company said it won’t ask customers for any personal information during its email communications.
It’s also offering a year of free credit monitoring and identity theft protection to customers that shopped at its stores. Individuals will have three months to enrol in the program. Target said it will provide more details on that next week.
A spokeswoman for Target Canada says none of its stores in Canada were affected by the breach because they use a separate point of sales systems.
The retail giant lowered its fourth-quarter adjusted earnings guidance to a range of $1.20 to $1.30 per share, down from $1.50 to $1.60 per share.
Analysts surveyed by FactSet expect earnings of $1.24 per share.
The Minneapolis company also said that it now foresees fourth-quarter sales at stores open at least a year will be down about 2.5 per cent. It previously predicted those sales would be about flat.
This figure is a closely-watched indicator of a retailer’s health. It excludes results from stores recently opened or closed.
Target cautioned that its fourth-quarter financials may include charges related to the data breach. The chain said the costs tied to the breach may have a material adverse effect on its quarterly results as well as future periods.
Shares of Target declined 32 cents to $63.03 shortly after the market opened.
The company has 1,921 stores, with 1,797 locations in the U.S. and 124 in Canada.