(Reuters) - Payment card data was stolen from an unknown number of Target Corp customers starting on the busy Black Friday weekend in a major breach at the U.S. retailer, according to a person familiar with matter.
Investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores, according to the person who was not authorized to discuss the matter.
Krebs on Security, a blog that first reported the news, said that breach involved nearly all Target outlets in the United States, citing sources at two credit card issuers.
The breach could have extended from just after Thanksgiving to December 15, Krebs said, citing evidence from investigators.
Target representatives did not respond to requests for comment.
(By Jim Finkle and Jennifer Saba. Editing by David Gregorio and Andre Grenon)