With Target already reeling from a massive hack that left up to 40 million credit and debit cards compromised, The New York Times now reports that all that data has been pouring into the black market since the break-in. With the breach taking place between Black Friday and December 15th, criminals on hundreds of illicit card-selling markets have likely had access to consumer information for weeks to date.

Security experts, including security blogger Brian Krebs, say that criminals sell stolen credit cards in bulk, with individual cards going for as little as a quarter or as high as $100 depending on the credit limit. With that kind of access, they can then burn the information onto counterfeit cards or use them to purchase gift cards that siphon off the victim's account.

Target issued a statement today reassuring customers that they will not be held responsible for any credit or debit fraud. While the company states that it hasn't received many fraud complaints since news of the breach broke, it has given affected account numbers to credit card companies. In addition, the company is offering a 10 percent discount on in-store purchases — evidently to curry good will among customers.

Update: Target CEO Gregg Steinhafel added that Target will now offer free credit monitoring services as an "extra assurance."