[vcherubini]

I want to know an explanation of why credit card data was stored. Is this standard? Shouldn't they only need it long enough to process the transaction - there's no reason to store it, correct?

Was the data stolen in transit (should be entirely encrypted) or stolen while at rest?

[nandhp]

Is there any evidence the transaction was stored, except insofar as storage was necessary to carry out the heist? The credit card data could have been intercepted while being input (e.g. by a keylogger).

[dmix]

During the Target breach card data was scraped directly from memory of the POS machines via malware. It wasn't being stored anywhere.