Target Corp. said Friday that PIN data of its customers' bank ATM cards were stolen as part of the massive data breach at the third-largest U.S. retailer, but it was confident that the information was "safe and secure."I can't for the life of me figure out why they would store the PIN (as opposed to the card number - there are all sorts of legitimate reasons to do this). As to strong encryption, I think that's almost certainly true. However, I'm not so confident that someone couldn't crack this. It would take some pretty intense knowledge of cryptography, but I wouldn't rule it out as impossible. I also think that more information will continue to come out about this over the next week or two. There could very well be another shoe about to drop.
The stolen PIN data was "strongly encrypted" when it was removed from Target's systems, and the "key" necessary to decrypt data is not within its system and could not have been taken during the breach, spokeswoman Molly Snyder said in a statement. "We remain confident that PIN numbers are safe and secure."
If you've used your debit card at Target, change your PIN.