The department was informed Dec. 23 that nearly 4,000 people who had debit accounts connected with their child support payments were affected, and a "handful" of confirmed cases contained fraud, according to a statement Wednesday by department spokesman Joe Scialfa. He did not know the exact number.
EPPIC is the company that manages the estimated 100,000 debit cards for the state.
EPPIC initiated automated calls to these cardholders and were able to successfully contact 3,000 to notify them of the breach affecting their cards and the spending restrictions imposed, according the department website. The company issued new cards to all 3,998 affected Jan. 9 and contacted affected cardholders by letter and phone to let them know new cards were issued, Scialfa said
Only a small percentage of the replacement cards have not been activated, he said.
EPPIC worked with those affected "to make them whole as quickly as possible," Scialfa said.
He said the company offered provisional credits to people who believed that they were victims of theft, if they filled out a questionnaire within the 10 business day window of receiving the forms.
Target disclosed on Dec. 19 that the data breach compromised 40 million credit and debit card accounts between Nov. 27 and Dec. 15. Then on Jan. 10 it said hackers also stole personal information - including names, phone numbers, and email and mailing addresses - from as many as 70 million customers.
Target has said it believes hackers broke into its network by infiltrating the computers of a vendor. Then the hackers installed malicious software in the checkout system for Target's estimated 1,800 U.S. stores.