Target says that about 40 million credit and debit card accounts may have been affected by a data breach that occurred just as the holiday shopping season shifted into high gear. Target says the unauthorized access may impact guests who made credit or debit card purchases in its U.S. stores from Nov. 27 to Dec. 15, 2013.

The company has determined that the information involved in this incident included customer name, credit or debit card number, and the card's expiration date and CVV (the three-digit security code).

Target is partnering with a third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures it could take. Additionally, Target alerted authorities and financial institutions after it discovered and confirmed the unauthorized access.

Target advised customers to check their statements carefully. Those who suspect there has been unauthorized activity on their cards should report it to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.

"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause," Chairman, President and CEO Gregg Steinhafel said in a statement Thursday.