Target Hack Tips

Target hack: Tips for all customers

The holiday hack Target made public last month stole 40 million credit and debit cards. But it also broke into Target's massive database of information on 70 million customers, the store said Friday.

While hackers only stole credit and debit card data from shoppers at U.S. stores between Nov. 27 and Dec. 15, they also grabbed details on people who shopped there before that.

"The possibilities are so much greater now that this other information has been compromised,"

 said Consumer Federation of America advocate Susan Grant.

Target said it has an ongoing investigation and does not know how far back the database goes.

Be on your guard: Now that the criminals have three ways to contact you, expect to get fake phone calls, emails and letters in the mail. They'll be asking for your personal information and telling you to click on links. Don't do it, even if it looks official.

Instead, take the advice of NTT Com Security consultant Chris Camejo and go directly to the source. If a person calls you, claims to be with your bank and says you've been affected by the Target hack, hang up. Then call the bank number on your credit card to resolve the issue.

Similarly, if you get an email that seems official, don't click on any links. If it claims to be Target, just go to Target.com/databreach. Target is posting all true communication with customers there. If it claims to be your bank or anyone else, ignore the email and go straight to the Target website. Type in the address yourself.