It Could Have Been Worse: Target Data Breach Didn’t Include PIN Numbers
According to the most recent update from Target, PIN numbers are encrypted at the keypad with Triple DES encryption, and the company can’t decrypt them because the keys don’t exist in Target’s system. Rather, a third-party external payment processor handles all of that data; thus, unless both Target and the payment processor were both hacked, the PINs are safe.
Target's war room
So there’s that, at least.
Target has also noted that it’s working with state attorneys general, the U.S. Department of Justice, and the Secret Service on the breach. Hopefully justice will be served soon.