Target announced Friday the data breach that exposed customers' information around the Thanksgiving holiday is much worse than previously thought.
Last month, the company announced as many as 40 million may have had card information stolen. To be clear, this isn't a new data breach; the company just made the discovery during an investigation into the information theft.
"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," said Target CEO Gregg Steinhafel.
The company said it will try to reach customers by e-mail to inform them of the breach. While the stolen information won't necessarily allow thieves to access bank or credit card information, it does open people up to identity theft.
Target said customers who have any fraudulent charges arise from the breach will not be liable for them. The company is also offering a year of free credit monitoring and identify theft protection to anyone who shopped in its U.S. stores.
Read more: Target: PIN data stolen from card customers
Customers who used their debit or credit cards at a Target between November 27 and December 15 should request a new card and account number from their card issuer.
CNN Wires contributed to this report.