of encryption we re safe. tell us about the vulnerability that was recently uncovered. a lot of people will see something called wpa2. that s the encryption standard out for 12 or 13 years. what the researchers found. i was glad they did it this way. what they found is that if they could trick the router into reusing a set of keys, part of it is called the key recovery, it is regenerating the same keys it fools you into thinking you haven t used this particular encryption key before. if you have that s how they were able to break it. you think your blinds are down and your virtual blinds are up. we see the data because you think it s encrypted. jon: these are public networks if i go into a coffee shop that provides free wifi, am i vulnerable? if you re an free wifi and no protection you re vulnerable.
chip? no, no. the chip is better than the strip. why? reporter: exactly, brooke. i actually wanted to show you the difference. i m holding up two cards in my hand. there is one key difference. this is the european version. actually has a chip imbedded inside the card. this is the american version that purely relies on this strip on the back. the issue with the magnetic strip is that every single time you make a transaction, your information travels from the card to the payment processor and it can be intercepted by hackers. they can use your information to create duplicate cards. they can also use card scanners to get your information as well. with the european version, all your data is actually stored on this tiny little chip here. it is heavily encrypted. the encryption key is unique for every single transaction. i ve been speaking to ethical hackers about this and they re telling me that if every single american had one of these cards, these mass data breaches you re seeing with n
it. all right. target says that a encryption key is needed for those encryption numbers. the card wasn t stolen because it s held bien independent processor. you know, it s so interesting, alexandra, it really seems that target was also a victim, let s be clear about this. they were hacked into, they ve had their information stolen as well. they ve got security measures in place. i m sure they re re-evaluating their security measures. it s interesting that they can say the numbers were stolen but they re encrypted. then you hear the expert saying, yeah, but there s only 10,000 combinations so they might be able to figure that out. shoppers, are they concerned or are they getting new cards which seems the logical thing to do? reporter: right, something like this always raises big
we reached out to them yesterday and asked what the deal was with pins. here s what they told us. they said to us yesterday, to date, there s no evidence that unencrypted pin data was compromised. no evidence is what they told us yesterday. they also added, based on our communications with financial institutions, they have not seen any indication that any pin data was compromised. you can see how cleverly worded that was. i was talking to a hacker, and i said, should people be worried royalty now? he said there s two things you should understand. first, target doesn t store the encryption key in their system, so that s good news, and they have one of the more robust type of systems so it looks good for target right now. it is possible these hackers could eventually get the numbers, but they would have to be very sophisticated to do that. for full disclosure, i
they re not actually able to decrypt those pins. it is looking a little bit better for target and consumers. the pins were stolen, but it s unlikely the thieves will be able to unscramble those pins. i don t know if i m feeling that comforted if i m one of the 40 million. if they were brilliant enough to grab it, acquiesce it, are that means they might it be able to figure out how to encrypt those codes. that s what i m thinking it s interesting but target saying they don t actually store the encryption key anywhere. it is highly unlikely they re saying these hackers will be able to unscramble these pins. hopefully many will be confidented by that. good news, bad news. how is that? all right, thanks so much, zain asher. appreciate that. of course. meantime the u.s. has intercepted is messages from senior al qaeda operatives. detailing plans for new attacks. their findings right after this.