Shoppers in a Target store on Black Friday, when the massive breach that hit 110 million customers began.
Here is a timeline of events associated with the breaches:
March 5: Target said it is replacing its chief information officer and filling two other top information security posts as part of an "an overhaul of our information security and compliance structure and practices at Target."
Feb. 4: Target Chief Financial Officer John Mulligan testifies to Congress that the company would accelerate its investment in advanced credit card technologies. Mulligan says the company first learned of the breach when notified by the Justice Department. Neiman Marcus and law enforcement representatives also testify.
Feb. 2: White Lodging says it is investigating a breach involving bars and restaurants at 14 hotels it manages, including Marriott (Fortune 500), Radisson, Renaissance, Sheraton, Westin and Holiday Inn locations. The breach occurred between March 20 and Dec.16, 2013. Independent security researcher Brian Krebs first , reports this breach on Jan. 31.
Jan. 30: Target says stolen vendor credentials were used in its massive breach.
Jan. 28: Consumer Bankers' Association, which represents nearly 60 of the nation's largest card-issuing banks, says its members have responded to the Target breach by replacing 15.3 million consumer cards at a cost of $153 million.
Jan. 26: Michaels, the country's largest crafts chain, reports "possible fraudulent activity" on some of its customers' payment cards, suggesting there may have been a breach. CEO Chuck Rubin says the company has not confirmed a breach, but wanted to alert customers.
Jan. 23: Neiman Marcus acknowledged cyber-criminals stole card information for 1.1 million customers who shopped at the retailer between July 16 and Oct. 30, 2013. About 2,400 cards were later used fraudulently, it said.
Jan. 16: Federal investigators warn retailers and other companies that accept card payments about an advanced piece of malicious software that potentially affected a large number of stores. It is widely believed this was the malware that infected Target.
Jan. 14: The nation's largest retail bank, J.P. Morgan Chase (Fortune 500), says it is replacing 2 million customer cards, prompted by the Target hack. ,
Jan. 11: Neiman Marcus says a cyber-security firm has found a payment card breach. The company said it is too early to tell how many customers have been impacted.
Jan. 10, 2014: Target says hackers also obtained personal information -- including name, address, phone number and email address -- for up to 70 million customers. It says there may be some overlap with the 40 million impacted by the credit and debit card breach, but it couldn't say how many were counted twice.
Dec. 27: Target says cyber-criminals made off with PIN data, adding that information was "strongly encrypted" and likely remains "safe and secure." It had earlier said PIN numbers were not part of the breach.
Dec. 21-22: Target offers customers a 10% discount on many items in its stores.
Dec. 19: Target confirms a breach from Nov. 27 to Dec. 15 involving up to 40 million cards.
Dec. 18: The Secret Service acknowledges it is investigating a reported breach that involved credit and debit cards at Target (Fortune 500). The news was first reported by Brian Krebs, a security researcher and blogger. ,
|What stumps Warren Buffett? Minimum wage|
|Water becoming more valuable than gold|
|GM's $1.3 billion recall cost wipes out profit|
|Will 7 Apples a day keep the bears away? - The Buzz|
|Ex-Wal-Mart CEO Duke retired with $140 million|