In an interview with CNBC, Target’s CEO Gregg Steinhafel, confirmed that their point-of-sale terminals had been infected with malware and this was used to steal credit and debit card information from millions of people during recent hack.

It was also learned in the interview that the malware attack, which took place last month and led to the payment information of as many as 110 million customers, actually took place on December 15, four days before Target revealed it to the public.

“Sunday [December 15] was really Day 1. That was the day we confirmed we had an issue and so our number one priority was … making our environment safe and secure,” Steinhafel said during the CNBC interview. “By six o’clock at night, our environment was safe and secure. We eliminated the malware in the access point, we were very confident that coming into Monday guests could come to Target and shop with confidence and no risk.”

He went onto explains why the four day delay was “necessary” for security reasons. “Day 2 was really about initiating the investigation work and the forensic work … that has been ongoing. Day 3 was about preparation. We wanted to make sure our stores and our call centers could be as prepared as possible, and Day 4 was about notification,” he said in the interview.

Because, of course time, is never a factor when it comes to credit card theft, and the people’s who information that had been stolen wouldn’t have wanted to know right away, and maybe, say cancel that credit card.

[via Cnet, CNBC, image via j.reed’s flickr]