UPDATED: 6:35 p.m. Dec. 20, 2013
ORIGINAL: 6:13 a.m. Dec. 19, 2013

NEW YORK (CBSDC/AP) — The CEO of Target has announced stores will extend a 10-percent discount to customers this weekend in the wake of a massive data breach issue.

CEO Gregg Steinhafel issued a statement Friday apologizing for up to 40 million credit and debit card accounts possibly being compromised during a large-scale data breach that began just prior to Black Friday and lasted nearly three weeks. The 10 percent discount will be offered in-store Dec. 21-22 in response to the breach.

Target says it has already identified and resolved the issue and is working closely with law enforcement and financial institutions.

The breach is believed to have begun the day before Thanksgiving, Nov. 27, and may have continued through Dec. 15, 2013. Black Friday and holiday shoppers may be impacted by the massive intrusion.

“I can’t afford for them to steal my money,” one New York City shopper told ABC News. “I got a baby to feed.”

Target alerted authorities and banks immediately after it became aware of the breach.

“It’s upsetting. You know, you work hard for your money,” another shopper tells WNEW reporter John Domen. “You will always have somebody that’s trying to scheme on somebody’s financial gain. There’s nothing you can do. Nothing you can do.”

The shopper, who is identified only as Tamara, believes her Target credit card may have been one of the cards impacted. The card was declined at one Target location recently while all of her other cards worked without issue.

The retailer is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident.

“We regret any inconvenience this may cause,” Target chairman and CEO Gregg Steinhafel said. “We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”

Secret Service spokesman Brian Leary confirms the agency is among the agencies involved in the investigating, but declined to provide further details.

Target is just the latest retailer to be hit with a data breach problem. TJX Cos., which runs stores such as T.J. Maxx and Marshall’s, had a breach that began in July 2005 that exposed at least 45.7 million credit and debit cards to possible fraud. The breach wasn’t detected until December 2006. In June 2009 TJX agreed to pay $9.75 million in a settlement with multiple states related to the massive data theft but stressed at the time that it firmly believed it did not violate any consumer protection or data security laws.

Target Corp. said that customers who made purchases at its U.S. stores during the impacted period and suspected unauthorized activity should call them at 866-852-8680. The company also releasedthis “Important Notice”, detailing what customers can do in the wake of the data breach.

Target has 1,797 stores in the U.S. and 124 in Canada.

WNEW’s John Domen contributed to this report.

(TM and Copyright 2013 CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2013 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.)