New details continue to surface on what private information thieves got away with from Target customers, during that massive data security breach.
The chain says it affected at least 40 million customers.
The retailer said customer names, debit or credit card numbers and card expiration dates were stolen along with the three-digit security codes often imprinted on the backs of cards.
The attack affects shoppers who visited Target stores from November 27 through December 15, 2013.
Target says the problem has been fixed. The company released a statement saying, "We have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause."
Security experts believe data hackings like this one occur in the credit card processing software.
Robert Siciliano with McAfee Security says, "A lot of the breaches that have occurred are done by organized web mobs that function here in the U.S. and are scattered throughout the world. They are technologists, criminal hackers that understand the mechanics of how all this stuff works. Often they might need somebody on the inside here to make things happen."
By the way, a Target spokesperson says the attack only affected shoppers who were in stores, not those who visited the web site.