Late last week, as part of our ongoing investigation, we learned that additional information, including name, mailing address, phone number or email address, was also taken. I am writing to make you aware that your name, mailing address, phone number or email address may have been taken during the intrusion.
So not only are CC# and PINs 'in the wild' but personal data as well. As the letter goes on to note: "...Here are some tips that will help protect you: Never share information with anyone over the phone, email or text, even if they claim to be someone you know or do business with. Instead, ask for a call-back number...." "Anyone" apparently including Target. I wonder if this will encourage Mr. Steinhafel to have his cashiers stop asking for email addresses etc. at the point of sale as well?