While holiday shoppers were swiping their plastic, hackers were secretly swiping information.
Now, people who shopped at Target stores from Black Friday through Sunday, Dec. 15, are being urged to closely monitor their bank accounts and credit card statements.
"It's important to be vigilant," said Sonya McDonald of Randolph Brooks Federal Credit Union. "We encourage you to go look at your account, look for any suspicious activity on your account. If you see anything that is suspicious, call your financial institution right away."
Target confirmed 40 million credit and debit cards used during the busy shopping period in the weeks after Black Friday may be compromised.
Target shopper Traci Hofferber says the timing is interesting, given the text alert her husband received Tuesday evening warning him his credit card had just been used.
"He said, 'I didn't just purchase something with my credit card,'" she said. "So, he called them and (the credit card company) said, 'We'll send you a new card.' Then he saw the breach and he's like, 'That must be what it was.'"
The massive rip-off happened in stores nationwide, not online.
The Secret Service is investigating.
On its website, Target said the hackers may have obtained information on the magnetic strip including name, account number, expiration date and the security code. There was no indication PINs were obtained from debit cards.
To protect themselves, shoppers should also monitor their credit reports.
"You can go online to www.annualcreditreport.com and get a free copy of your report and ask that alerts be placed on your accounts," McDonald said.
However, placing an alert also means delays for the card holder when trying to open new credit.
McDonald also encouraged consumers to take advantage of any fraud monitoring service their credit card company or financial institution may offer.
"It sends you texts or emails any time something suspicious happens on your account," she said.