toggle

AAPL Stock: 121.3 ( -1.07 )

Printed from http://www.macnn.com

Target POS malware found, ignored on November 30, December 2

updated 10:58 am EDT, Thu March 13, 2014

Malware identified before it sent any customer data outside Target

Reports are circulating that Target knew of its "Black Friday" data breach much earlier than it said it did. Allegedly, the company was alerted by security firm FireEye that there was a potential problem as early as November 30, but no action was taken. Additionally, auditors discovered that Target had disabled features of its security suite that could have removed the infection, prior to it purloining millions of sets of customer's payment method data.

Potentially at risk from the intrusion between November 29 and December 15, 2013 are "millions" of customer records, including credit and debit card information. The malware installed into the Target point of sale system affected "nearly all" US Target retail stores, but not the online store.

A report at Businessweek claims that India-based researchers found evidence of the breach after examining logs, and informed Target headquarters on November 30. Additional malware was discovered by the company's own sercurity software on December 2. A series of alarms was issued by the software with a highest-priority warning associated, all of which were ignored by Target security personnel.

Compounding the problem, the software's automatic malware-removal features had been disabled by Target security in the months prior to the intrusion. The malware installation was detected so early, that it had not begun to transmit its payload -- customer data -- back to its creators. Timely action by Target's security staff in pruning the malware would have prevented the entire incident from happening, and would have saved Target millions in corrective actions, the researchers say.

When confronted with the security alerts being made and ignored, Target Chief Executive Gregg Steinhafel said that "Target was certified as meeting the standard for the payment card industry (PCI) in September 2013. Nonetheless, we suffered a data breach." He concluded his brief statement by declaring that "the investigation is not complete" and noted that "we don't believe it's constructive to engage in speculation without the benefit of the final analysis."




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. sammaffei

    Fresh-Faced Recruit

    Joined: 09-04-04

    "the software's automatic malware removal features had been disabled by Target security in the months prior to the intrusion"

    This coupled with giving an outside vendor (an HVAC contractor) total access to your corporate network (including payment processing) smells like an inside job by someone fairly high up in Target security. Any firings or early retirements in the last year like right about when the malware sweeper was turned off. Any memos issued on it?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

HP 14-x030nr 14-inch Chromebook

If you're like us, chances are you've come to realize that you need the ability to access the Internet on the go. Also, you've prob ...

15-inch MacBook Pro with Force Touch

Apple's 15-inch Retina MacBook Pro continues to be a popular notebook with professional users and prosumers looking for the ultimate ...

Typo keyboard for iPad

Following numerous legal shenanigans between Typo -- a company founded in part by Ryan Seacrest -- and the clear object of his physica ...

toggle

Most Commented