Target's still using the old "cat's on the roof" routine, letting news trickle out a little bit at a time:
The massive data breach at Target over the holiday season is potentially much worse than the retailer first reported — as many as 110 million people may have had their identity and financial information compromised, the retailer says.
It remains unclear just how many individuals are affected and how. The company's ongoing investigation found that up to 70 million people had personal information stolen in the breach; in December, Target disclosed that 40 million accounts had been hacked.
The amount of overlap between the two figures — 70 million and 40 million — is uncertain. Target averages 30 million customers a week.
The retailer said Friday that "the stolen information includes names, mailing addresses, phone numbers or e-mail addresses for up to 70 million individuals."
"I know that it is frustrating for our guests to learn that this information was taken, and we are truly sorry they are having to endure this," Target CEO Gregg Steinhafel said in a press release.
Target previously said that data thieves stole encrypted PIN data, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on the back of cards used at Target between Nov. 27 and Dec. 15. The breach occurred after cybercriminals forced their way into Target's data system.