Following up on Brian Kreb’s report that attackers were able to get to Target’s payment card system after compromising the login credentials of HVAC contractor Fazio Mechanical Services,, Jaikumar Vijayan gets responses and comments from several experts on what appears to be Target’s failure to properly segment its network. You can read his article on Computerworld.
Category: Malware
Target Hackers Broke in Via HVAC Company – Krebs
Brian Krebs gets the scoop again: Last week, Target told reporters at The Wall Street Journal and Reuters that the initial intrusion into its systems was traced back to network credentials that were stolen from a third party vendor. Sources now tell KrebsOnSecurity that the vendor in question was a refrigeration, heating and air conditioning subcontractor that has worked at a…
Target security breach lasted longer than previously thought
David Rothberg reports: A Target Corp. official told a Senate committee that a massive security breach affecting up to 110 million holiday shoppers lasted three days longer than previously thought. Chief Financial Officer John Mulligan disclosed the latest information in written testimony at a hearing Tuesday before the Senate Judiciary Committee, which is considering ways to protect consumers’…
Target faces second credit union class action lawsuit
David Morrison reports: A second credit union has filed a legal complaint against Target over losses it said it sustained as a result of the firm’s card data breach late last year. The $38 million First Choice Federal Credit Union, headquartered in New Castle, Pa., filed its complaint in the U.S. District Court for the Western District…
Analyst sees Target data breach costs topping $1 billion
Tom Webb reports: Two months into the Target security breach, fraud is turning up on 10 percent to 15 percent of the stolen card accounts, a security specialist says. Based on that brisk level of criminal activity, one Wall Street analyst estimates that perhaps 5 million of the 40 million stolen credit and debit cards…
ChewBacca Malware Stole 49,000 Payment Card Details in 11 Countries
Mary-Ann Russon reports: Security researchers have discovered that a piece of malware named after the Star Wars character Chewbacca has been used to steal payment card and personal information 49,000 payment cards stored by 45 retailers in 11 countries. Details from the payment cards were stolen from 24 million payment card transactions over two months,…