Target says that customers’ encrypted PIN data was removed during the data breach that occurred earlier this month.
The company issued a statement Friday that additional forensic work has shown that encrypted PIN data was removed along with customers’ names and card numbers. But Target says it believes the PIN numbers are still safe because the information was strongly encrypted. It says the PIN can only be decrypted when received by its independent payment processor.
A PIN number is the personal identification code used to make secure transactions on a credit or debit card.
Data connected to about 40 million credit and debit cards used at Target were stolen between Nov. 27 and Dec. 15.
Minneapolis-based Target says it is still in the early stages of investigating the breach.