Colorado Springs News, Sports & Business

Gazette Premium Content Missed alarms and 40 million stolen credit card numbers: How Target blew it

News services - Updated: March 13, 2014 at 1:58 pm

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success, according to businessweek.com.

In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers.

It’s a measure of how common these crimes have become, and how conventional the hackers’ approach in this case, that Target was prepared for such an attack. Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye (FEYE), whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target’s security operations center in Minneapolis would be notified.

On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then …
 
Nothing happened.

Read more at businessweek.com

Comment Policy

Our commenting system has changed. Please register or login with your gazette.com account to comment on a story. Click here for information.

You've reached your 4 FREE premium stories this month

Get 4 more FREE stories

Simply register to continue.

Register

Subscribe now

Get access unlimited access to premium stories.

Subscribe
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
OCT
22
OCT
23
OCT
24
OCT
25
OCT
26
OCT
27
OCT
28
OCT
29
OCT
30
OCT
31
NOV
1
NOV
2
NOV
3
NOV
4
Advertisement