Target Puts Spin on Breach?

At http://news.yahoo.com/target-says-39-strongly-encrypted-39-data-taken-201240036.html Target is putting their "spin" on the data breach where 40 million customers' credit card data was stolen.

Quote :

Target said the PIN data is encrypted within company systems that can only be decrypted by its "external, independent payment processor." The "key" to decrypt the data is not part of the Target system and could not have been taken, it said.

"The most important thing for our guests to know is that their debit card accounts have not been compromised due to the encrypted PIN numbers being taken," Target said.

The way I interpret this, Target wants people to believe all is well on the theft of customers' card theft data because thieves got encrypted data that they cannot use.  

Maybe the PIN numbers are secure, but the credit card data wasn't and thieves can still charge purchases to the cards without having PIN numbers.  Target has said previously that hackers had obtained data that included customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code.  Okay, maybe thieves cannot get cash from an ATM without a PIN, but they can buy gas at the pump, make store purchases (with a scribbled signature), order stuff online, etc..