Target lowers Q4 guidance as it uncovers additional data stolen during breach

MINNEAPOLIS — Customers' mailing addresses, names, phone numbers and email addresses were among the data stolen as part of a massive breach of payment card data at Target, the mass merchandise retailer said Friday.

Target said the information stolen, affecting as many as 70 million people, was not a new breach, but was uncovered as part of the investigation of the original breach, which took place between Nov. 27 and Dec. 15 and resulted in the theft of payment card data from about 40 million customers.

The retailer said much of the data stolen is incomplete, but it will seek to contact customers whose email addresses were stolen with information on avoiding scams.

The breach has also forced the chain to lower its U.S. segment guidance for fourth quarter 2013, from $1.50-$1.60 per share to $1.20-$1.30, due to a 2.5% decline in comps. That decline resulted from stronger-than-expected fourth quarter sales before the Dec. 19 announcement of the breach and weaker-than-expected sales since then, and the company expects a 2-6% decline in comps for the remainder of the quarter despite an improvement in recent days. The company also anticipates charges related to the breach, such as card resistance costs, investigative and consulting fees, payments to card networks and others.

"In light of the recent data breach, our top priority is taking care of our guests and helping them feel confident in shopping at Target," EVP and CFO John Mulligan said. "At the same time, we remain keenly focused on driving profitable top-line growth and investing our resources to deliver superior financial results over time."