As the holiday season got underway between November 27th and December 15th, approximately 40 million credit and debit cards used at Target were compromised as a result of a security breach at Target according to the retail giant.

Data such as customer names, the card numbers, expiration dates, and the three-digit security code may have been exposed. It is unknown if pin number data was also breached. The data breach affects shoppers that swiped their cards while making in-store purchases throughout the United States at any one of Target’s 1,797 stores. Online and Canadian shopper’s information has not been compromised.

The breach affected all major credit cards as well as Target’s own card.

The problem was addressed and reported as soon as Target was made aware of the breach. Target recommends that any customer that shopped at the store between the mentioned dates to check their statements carefully for any unauthorized purchases. Target also provided a number to contact if any suspicious purchases are found on their cards. That number is 866-852-8680. Furthermore, cases of identity theft can be reported to law enforcement or the Federal Trade Commission.

Target did not elaborate on how the breach occurred but say that they have teamed up with a third-party forensics firm to investigate and to prevent any further breaches in the future. They announced that the situation is now cleared up and that customers at the store are no longer vulnerable.

This data breach is one of the largest ever to hit a US retailer.

Visa reports that their cards are protected by zero-liability protection policy and their advanced fraud-monitoring capabilities.