NEW YORK—Many Americans spent the week before Christmas anxiously checking their bank accounts when it was revealed that the retail giant Target had become embroiled in the 2nd largest data breach in US history. Hackers gained unauthorized access to the credit and debit card data of 40 million customers who shopped at Target stores between Nov. 27 and Dec. 15.
Following the revelation, several state senators called for official investigations of the breach by the Federal Trade Commission and other government agencies. On Tuesday, New Jersey Senator Robert Menendez joined in the effort and announced that he sent a letter to the FTC urging them to investigate the breach and hold retailers accountable.
“In between wrapping presents and decorating the tree, New Jersians were getting emails from their banks warning them that they’re personal information and identities might have been stolen, a theft far worse and more sinister than anything the Grinch could have pulled off,” Menendez said Thursday morning in front of a Target store in Newport, Jersey City.
The letter sent to FTC Chairwoman Edith Ramirez called for a complete update on the FTC’s efforts in regard to the Target data breach and other similar large-scale institutions. Menendez explained that a thorough investigation must be launched and customers must be reassured that their personal information is secure. He warned that such large-scale security breaches could have a devastating chain effect: customers are discouraged, retailers suffer, and the economy takes a hit.
The letter also asks whether the FTC has the legal authority to penalize retailers with security breaches. When a similar scale data breach happened in 2006 to the parent company of TJ Maxx and Marshalls the FTC did not levy fines or penalties.
“If that is the case, that present law does not allow them to do so, then I want to propose legislation that will give the Federal trade Commission the ability to levy such fines and penalties,” said Menendez.
A heavy penalty may give retailers incentive to take precaution, he added.
“If you have strong fines and penalties for the data breaches and the lack of protection, then you may drive the investments that will secure the systems as well as you can secure them, so that ultimately you don’t have data breaches like this.”
The cause of the security breach is still unknown but Target said the problem is now fixed. Target is partnering with the Secret Service and the US Department of Justice on an ongoing investigation about the infiltration. The company has reassured that customers will not be held financially responsible for any credit card or debit card fraud.
“We want our guests to understand that just because they shopped at Target during the impacted time frame, it doesn’t mean they are victims of fraud,” Target CEO Gregg Steinhafel stated in a press release.
“We want to emphasize that the issue has been addressed and let guests know they can shop with confidence at their local Target stores.”
Yi Yang is a special correspondent in New York.