Save this content for laterSave this content on your device for later, even while offline Sign in with FacebookSign in with your Facebook account Close

Missed alarms and 40 million stolen credit card numbers: How Target blew it

By: News services
March 13, 2014 Updated: March 13, 2014 at 1:58 pm
0
photo - Did Target have a chance to stop the hackers of customers' credit cards? (AP file)
Did Target have a chance to stop the hackers of customers' credit cards? (AP file) 

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success, according to businessweek.com.

In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers.

It’s a measure of how common these crimes have become, and how conventional the hackers’ approach in this case, that Target was prepared for such an attack. Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye (FEYE), whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target’s security operations center in Minneapolis would be notified.

On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then …
 
Nothing happened.

Read more at businessweek.com

Register to the Colorado Springs Gazette
Incognito Mode Your browser is in Incognito mode

You vanished!

We welcome you to read all of our stories by signing into your account. If you don't have a subscription, please subscribe today for daily award winning journalism.

Register to the Colorado Springs Gazette
Subscribe to the Colorado Springs Gazette

It appears that you value local journalism. Thank you.

Subscribe today for unlimited digital access with 50% fewer ads for a faster browsing experience.

Already a Subscriber? LOGIN HERE

Wake up with today's top stories in your inbox

Wake up with today's top stories in your inbox

or
Already a print subscriber?
Already a digital subscriber?
 
This is your last FREE article for the month
This is your last FREE article for the month

Subscribe now and enjoy Unlimited Digital Access to Gazette.com

Only 99 cents for Unlimited Digital Access for 1 month
Then $2.31/week, billed monthly, cancel anytime
Already a print subscriber?
Already a digital subscriber?

 
You have reached your article limit for the month
You have reached your article limit for the month

We hope that you've enjoyed your complimentary access to Gazette.com

Only 99 cents for Unlimited Digital Access for 1 month
Then $2.31/week, billed monthly, cancel anytime
Already a print subscriber?
Already a digital subscriber?
 

Exclusive Subscriber Content

You read The Gazette because you care about your community and the local stories you can't find anywhere else.

Only 99 cents for Unlimited Digital Access for 1 month
Then $2.31/week, billed monthly, cancel anytime
Already a print subscriber? Get Access | Already a digital subscriber? Log In
 
articles remaining
×
Thank you for your interest in local journalism.
Gain unlimited access, 50% fewer ads and a faster browsing experience.