Late last week, as part of our ongoing investigation, we learned that additional information, including name, mailing address, phone number or email address, was also taken. I am writing to make you aware that your name, mailing address, phone number or email address may have been taken during the intrusion.
So not only are CC# and PINs 'in the wild' but personal data as well. As the letter goes on to note: "...Here are some tips that will help protect you: Never share information with anyone over the phone, email or text, even if they claim to be someone you know or do business with. Instead, ask for a call-back number...." "Anyone" apparently including Target. I wonder if this will encourage Mr. Steinhafel to have his cashiers stop asking for email addresses etc. at the point of sale as well?
Real Users are afraid they'll break the machine -- but they're never afraid to break your face.