US retailer Target is making up for a major IT security breach by offering its customers in the United States on Saturday and Sunday a ten-percent discount on any single purchase.
Some 40 million customers may have had information from their credit and debit cards compromised by hackers who broke into its database between November 27 and December 15, Target said Thursday.
The next day company CEO Gregg Steinhafel appeared in a videos posted on a company website in which he explained the security breach, apologized for delays at company call centers, and extended the offer.
“We’re in this together, and in that spirit, we are extending a 10 percent discount – the same amount our team members receive – to guests who shop in US stores on December 21 and 22,” he said.
The website added: “Valid in store only. Limit one offer per guest to be used in a single transaction. Void if prohibited by law. Not valid in Canada. No cash value.”
Steinhafel also said that customers “will not be held financially responsible for any credit and debit card fraud,” and for extra assurance, Target “will be offering free credit monitoring services.”
Despite the offer, many customers took to the store’s Facebook page to vent their anger.
“This all seems VERY unorganized and extremely disrespectful to your customers. Offering 10 percent is laughable,” wrote a woman named Stacey Jane Deme.
A Target representative gamely answered all of the posts, though many of the answers were variations of “We know it’s been frustrating to reach us … and we want you to know we are working hard” to get more support.
According to Steinhafel, few people who shopped during that period are likely to be fraud victims.
Target has addressed the security breach, and customers “can shop with confidence” at Target stores, he said.
Target said it is working with law enforcement and financial institutions to track down the culprits.
In a separate communication to consumers on its website, the company recommended shoppers “remain vigilant for incidents of fraud and identity theft.”
The information that may be compromised “included customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code),” Target said.
Target urged consumers to closely read their account statements and credit reports and to report suspicious activity.
Target is the third-largest US retailer after Wal-Mart Stores and Kroger, according to Stores Media, a part of the National Retail Federation. The company had 1,778 stores in the US as of February 2013.
News of the attack was first reported by security blogger Brian Krebs, who said the breach extends to nearly all US-based Target stores.