(NEW YORK) — Days after denying that customers’ PIN data was removed obtained in a data breach, Target confirmed on Friday that the PIN information had been “removed.”
“While we previously shared that encrypted data was obtained, this morning through additional forensics work we were able to confirm that strongly encrypted PIN data was removed,” Target said in a press release. The company maintains that the encryption key was not taken and that the information is safe.
The PIN information, Target says, was fully encrypted at the keypad and remained encrypted at all times.
Because Target says it doesn’t have access to the encryption key in its system, the hackers could not have taken the key from their system during the breach.
“The most important thing for our guests to know is that their debit card accounts have not been compromised due to the encrypted PIN numbers being taken,” Target said.
Copyright 2013 ABC News Radio
John Newsome and Anne Woolsey, CNN