Angry shoppers are lashing out at Target, threatening class action lawsuits against the retailer - including one filed in Portland, Ore., alleging the store chain "failed to implement and maintain reasonable security procedures."
Meanwhile, the Secret Service says it's investigating the alleged hack attack that Target says compromised the credit and debit card information of 40 million customers nationwide between Nov. 27 and Dec. 15.
The theft is the second-largest credit card breach in U.S. history, exceeded only by a scam that began in 2005 involving a different retailer.
Target execs won't say exactly how the breach occurred but said the company has fixed the problem.
Shoppers in downtown Seattle said they were withholding judgment on Target until they find out more.
"I do trust Target until something shows up or something goes missing in my bank account. I do trust the store, the brand," said shopper Miles Craigwell.
But the fact is, local Target customers could be victims to this large-scale scam.
Brian Krebs, editor of Krebsonsecurity.com, advised anyone who shopped at Target during the affected period to keep a close watch on statements from their bank or credit card company.
"Pay attention to your statements, and if something doesn't look right just make sure you don't waste any time reporting it," he says.
On Sunday, the largest bank in the U.S., JPMorgan Chase, announced it is trying to lessen the blow by opening up more than a third of its branches to issue new cards to its nearly 2 million affected customers.
Stolen data included customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip found on the backs of cards, Target said.
There was no indication the three- or four-digit security numbers visible on the back of the card were affected, Target said.
The data breach did not affect online purchases, the company said.