CNET

It's not just online transaction databases that are susceptible to attacks. The retailer Target is reportedly looking into the theft of millions of in-store credit card and debit card records from its databases.

Customers all over the United States were victimized, reported Brian Krebs, who cited people at two of the top 10 credit card issuers in the US.

Both of them said that the breach started on or around Nov. 29, the busy shopping day known as Black Friday, and extended to at least Dec. 6, and possibly as long as Dec. 15.

"The breach window is definitely expanding," an anti-fraud analyst in the US told Krebs. A data breach investigation firm representative who wished to remain anonymous said that they expect this breach to compare in scope to "some of the largest retail breaches to date."

The US Secret Service is also investigating the breach, according to the Wall Street Journal. Secret Service representative Brian Leary confirmed that the Service is investigating but declined to provide further details because of the "active" nature of the investigation.

An unknown number of customers who shopped at Target's physical stores are reportedly affected. Online customers are apparently not affected by the breach.

The investigation, which still has not been confirmed, has yet to reveal key factors in the breach such as what kind of information was targeted. A request for comment by Target was not immediately returned. CNET will update the story when we hear back from them.

Update, 6:40 p.m. PDT: Confirmed Secret Service involvement.

Update, 4:48 p.m. PDT: Added detail on possible Secret Service involvement.