Missed alarms and 40 million stolen credit card numbers: How Target blew it

By: News services
March 13, 2014 Updated: March 13, 2014 at 1:58 pm
photo - Did Target have a chance to stop the hackers of customers' credit cards? (AP file)
Did Target have a chance to stop the hackers of customers' credit cards? (AP file) 

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success, according to businessweek.com.

In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers.

It’s a measure of how common these crimes have become, and how conventional the hackers’ approach in this case, that Target was prepared for such an attack. Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye (FEYE), whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target’s security operations center in Minneapolis would be notified.

On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then …
Nothing happened.

Read more at businessweek.com

Comment Policy

LoginORRegister To receive a better ad experience

Learn more
You are reading 0 of your of 0 free premium stories for this month read

Register Today To get to up to 4 more free stories each and every month

  • Get access to commenting on articles
  • Access to 4 more premium pieces of content!
  • See fewer annoying advertisements
We hope you enjoyed your 4 free premium stories
Continue reading now by logging in or registering
Register Now
Already registered? Login Now