Target: Up to 40M Hit by Credit-Card Hack Company had massive breach around Black Friday, through as late as Sunday By John Johnson, Newser Staff Posted Dec 18, 2013 7:21 PM CST Updated Dec 19, 2013 7:58 AM CST 39 comments Comments Shoppers take advantage of Black Friday sales in the early morning at a Target store in Chicago. (AP Photo/Kiichiro Sato) (Newser) – Attention, Target shoppers: That Black Friday bargain you scored might have some serious strings attached. Target today confirmed that some 40 million credit and debit card accounts may have been affected by a data breach, after Krebs on Security and the Wall Street Journal yesterday reported the chain was investigating a major such breach at its physical stores; online shoppers appear to be safe. Target says those who made purchases at its US stores with their cards between Nov. 27 and Dec. 15 may have been hit, reports the AP. Yesterday's reports suggest that hackers gained access to the data stored on the cards' magnetic stripes. Worst case, the hackers could "create counterfeit cards by encoding the information onto any card with a magnetic stripe," says the Krebs report. "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs." The Secret Service has confirmed that it is investigating, and Target says it has employed a third-party forensics firm to dig in and is throwing all "appropriate resources" at the issue. Customers who suspect fraudulent activity has taken place using their card should call 866-852-8680.