Secret Service spokesman Brian Leary confirms the agency is investigating, but declined to provide further details.
According to The Wall Street Journal, the breach involves the theft of data stored on the magnetic stripe of cards used at store registers across the United States. Officials say the machines may have been tampered with.
The breach appears to have begun on or around Black Friday, one of the busiest shopping days of the year.
The Wall Street Journal reports customers who shopped online do not appear to be affected.
Professor Clifford Neuman, who runs USC's Center for Computer Systems Security, suggests Target shoppers should frequently check their credit card statements and consider changing their debit card pins.
"It is much easier to resolve an issue of a fraudulent credit card charge than it is with a debit card. If you have credit cards and debit cards, use the credit card for most of your purchases," said Neuman.
A spokeswoman for American Express says the company is "aware of the incident." Target Brands Inc. has yet to comment on the investigation.
The discount chain has 1,797 stores in the United States.
ABC News and The Associated Press contributed to this report.