Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Tech News > Target POS malware found, ignored on November 30, December 2

Target POS malware found, ignored on November 30, December 2
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Mar 13, 2014, 11:59 AM
 
Reports are circulating that Target knew of its "Black Friday" data breach much earlier than it said it did. Allegedly, the company was alerted by security firm FireEye that there was a potential problem as early as November 30, but no action was taken. Additionally, auditors discovered that Target had disabled features of its security suite that could have removed the infection, prior to it purloining millions of sets of customer's payment method data.

Potentially at risk from the intrusion between November 29 and December 15, 2013 are "millions" of customer records, including credit and debit card information. The malware installed into the Target point of sale system affected "nearly all" US Target retail stores, but not the online store.

A report at Businessweek claims that India-based researchers found evidence of the breach after examining logs, and informed Target headquarters on November 30. Additional malware was discovered by the company's own sercurity software on December 2. A series of alarms was issued by the software with a highest-priority warning associated, all of which were ignored by Target security personnel.

Compounding the problem, the software's automatic malware-removal features had been disabled by Target security in the months prior to the intrusion. The malware installation was detected so early, that it had not begun to transmit its payload -- customer data -- back to its creators. Timely action by Target's security staff in pruning the malware would have prevented the entire incident from happening, and would have saved Target millions in corrective actions, the researchers say.

When confronted with the security alerts being made and ignored, Target Chief Executive Gregg Steinhafel said that "Target was certified as meeting the standard for the payment card industry (PCI) in September 2013. Nonetheless, we suffered a data breach." He concluded his brief statement by declaring that "the investigation is not complete" and noted that "we don't believe it's constructive to engage in speculation without the benefit of the final analysis."
( Last edited by NewsPoster; Mar 14, 2014 at 03:47 AM. )
     
Fresh-Faced Recruit
Join Date: Sep 2004
Status: Offline
Reply With Quote
Mar 13, 2014, 12:17 PM
 
"the software's automatic malware removal features had been disabled by Target security in the months prior to the intrusion"

This coupled with giving an outside vendor (an HVAC contractor) total access to your corporate network (including payment processing) smells like an inside job by someone fairly high up in Target security. Any firings or early retirements in the last year like right about when the malware sweeper was turned off. Any memos issued on it?
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 07:05 PM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2