NEWPORT, Ky. – There was more bad news for Target and millions of its customers on Friday.
The retail giant admitted that hackers got customer PIN numbers along with their names and debit card numbers in that giant data breach earlier this month.
The company admitted that "strongly encrypted PIN data" was removed between Nov. 27 and Dec. 15.
Does that mean bad guys can get your personal identification number?
Target says no.
In a statement, the company said: "Target does not have access to nor does it store the encryption key within our system ... “
According to Target, when you use your debit card at one of their checkouts, your PIN code is encrypted by a program called Triple DES. So Target says your PIN code is encrypted at the keypad, it's encrypted the whole time it's in their system, and it was encrypted when hackers got it earlier this month.
“The most important thing for our guests to know is that their debit card accounts have not been compromised due to the encryption numbers being taken," Target’s statement said.
Nevertheless, the second largest data breach in history has rocked consumer confidence. According to a recent survey, consumer perception of Target has dropped to its lowest level since 2007.
Swiping a debit card and entering a PIN number at the counter has become second nature to a lot of us. Now millions of Target shoppers have to wonder who else may know their four-digit code.
As a result, some scared shoppers are changing their spending habits.
Outside the Target in Newport, Brittany Comstock told WCPO she knew someone whose account had been hacked.
"She had to go through and cancel all of her credit cards,” Comstock said Friday. “She said she had like one more left to cancel. It's a hassle to have to go and do all that.
"She was talking about how somebody in Denmark called her at like 3 o'clock in the morning and said, 'Hey, obviously this isn't you (spending from this account).’ It's definitely something to be concerned about."
Jeff Seeger said he’s not using his card to shop.
"I'm going into Target right now with cash," Seeger said.
Seeger says he shops at Target all the time and is checking his bank account for unusual activity.
"Nothing yet, and I pray to God that nothing does happen, but hopefully it doesn't," Seeger said.
But he acknowledged that his data is out there.
"Yeah, and that's the scary part. That really is the scary part,” Seeger said.
If you think you could be one of those Target customers affected by this, the easiest thing to do is change your PIN number and password.
Target said it is still in the early stages of investigating the breach. It has been working with the Secret Service and the Department of Justice.