Target and Other Financial Data Breaches: Frequently Asked Questions [February 4, 2015]   [open pdf - 517KB]

"On January 10, 2014, Target announced that personal information, including the names, addresses, phone numbers, and email addresses of up to 70 million customers, was also stolen during the data breach. A report by the Senate Committee on Commerce in March 2014 concluded that Target missed opportunities to prevent the data breach. […] To date, Target has reported data breach costs of $248 million. Independent sources have made back-of-the-envelope estimates ranging from $240 million to $2.2 billion in fraudulent charges alone. This does not include additional potential costs to consumers concerned about their personal information or credit histories; potential fines or penalties to Target, financial institutions, or others; or any costs to Target related to a loss of consumer confidence. The breach was among the largest in U.S. history. […] In addition to Target, there have been data breaches at Home Depot, JPMorgan Chase, Sony, and Adobe. Payment card information was obtained at Adobe and Home Depot. Hackers downloaded a wide range of company confidential information at Sony, and they obtained contact information in the JPMorgan Chase breach. […] Policy options discussed in these hearings include federal legislation to require notification to consumers when their data have been breached; potentially increase Federal Trade Commission (FTC) powers and authorities over companies' data security; and create a federal standard for the general quality or reasonableness of companies' data security. […] This report answers some frequently asked questions about the Target and selected other data breaches, including what is known to have happened in the breach, and what costs may result."

Report Number:
CRS Report for Congress, R43496
Public Domain
Retrieved From:
Via E-mail
Media Type:
Help with citations