Spoiler: It was Target. See what I did there? 1
Target’s announcement came one day after a security blogger, Brian Krebs, first reported the breach. In a statement, Target confirmed that criminals gained access to its customer information on Nov. 27 — the day before Thanksgiving and just ahead of one of the busiest shopping days of the year — and maintained access through Dec. 15.
Target said it had confirmed that its online customers were not affected by the breach, which appears to have been isolated to the point-of-sale systems in Target’s retail stores.
Given that gaining access to the physical point-of-sale systems should be an infinitely more difficult task than gaining access to the online database 2, this does not fill me with the most hope for Target’s ability to protect customer data in the slightest.