Target says more people than it first thought were affected by a data breach it revealed last month, and more kinds of personal information have been compromised.
The nation's second-largest discount chain says an investigation has found that hackers stole personal information from as many as 110 million customers.
Last month, the company said the breach affected about 40 million credit and debit cards used in its stores between Nov. 27 and Dec. 15. It now says shoppers who made purchases outside that time frame could have been targeted.
Chris Kidd is a loyal Target shopper, popping in once a week or so. But on his credit card statement last month was a purchase he didn't make that caught his attention.
"I got the statement and about fell out of my chair when I saw the extra $3,000 added on there," he said.
A $3,100 flight to Dubai was charged to his card-- a trip he said he wasn't planning on making.
Kidd immediately called American Express who wiped out the charge. He's convinced hackers got his information from the Target breach, although he can't be sure.
Target originally said thieves obtained customers' names, credit and debit card numbers, expiration dates, PINs and the embedded code on the magnetic strip on the back of cards. It now says information stolen also includes phone numbers, mailing addresses and email addresses.
The company says customers won't be liable for the cost of any fraudulent charges stemming from the breach. And it says it will offer a year of free credit monitoring and identity theft protection to people who shopped at its stores.
Security Bank in Kansas City, Kan., called all 1,200 customers Visa told them might be effected and are warning customers to be prepared.
"I think it's kind of about the same. The bad guys have it. You have no idea when or how they're going to use it. They could use it next week, they could use it in three years," Security Bank Senior Vice President Tom Davies said.