Target today says its holiday data breach is worse than the company initially announced.
The company said in a statement on its website that it now believes 70 million customers were affected by a data breach involving names, phone numbers, email and mailing addresses
Company spokeswoman Molly Snyder said this is separate from the 40 million customers affected by the credit card data breach, although she said there may be some overlap.
The company said it will try to contact customers involved in the larger breach, but said Target will not be asking anyone for any personal information. Target said the company will also be offering information to help people avoid scams.
The company also downgraded its expected fourth quarter financial results. Target is expecting a 2.5 percent decline in sales, citing weaker than expected sales following announcement of the data breach.
In a message on Target's website, CEO Gregg Steinhafel apologizes for the breach again, and says he is sorry that customers are being affected by the breach:
"I know that it is frustrating for our guests to learn that this information was taken and we are sorry they are having to endure this," said Gregg Steinhafel, chairman, president and chief executive officer. "Our guests expect more from us and deserve better. And I want them to know that understanding and sharing the facts is important to me and the entire Target team."
Guests will have zero liability for the cost of any fraudulent charges arising from the breach. To provide further peace of mind, Target is offering one year of free credit monitoring and identity theft protection to all Target guests who shopped our U.S stores. Guests will have three months to enroll in the program. Additional details will be shared next week.
• Dec. 19: Target: 40M card accounts may be breached
• Dec. 23: Target briefs state attorneys general on data breach
• Dec. 23: Customers sue Target over credit card breach
• Dec. 26: Consumer Reports to Target shoppers: Replace your card
• Dec. 27: Customers' encrypted PINs were obtained