Target hack not possible without some old-school theft

Chris Smith

January 30, 2014 at 10:45 PM

Target’s early Black Friday sale is going on right now

The massive hack that hit Target in the weeks before Christmas 2013 wouldn’t have been possible without someone actually stealing the credentials of a vendor, Reuters revealed. “The ongoing forensic investigation has indicated that the intruder stole a vendor’s credentials, which were used to access our system,” Target spokeswoman Molly Snyder said, without revealing what was taken.

Following the theft, hackers managed to compromise Target’s point of sale (POS) systems, taking over 40 million credit and debit cards, including encrypted PINs, and personal information for over 70 million Target customers. The hackers used a malware program that was difficult to detect, which is believed to have been employed in hacking Neiman Marcus as well as other undisclosed businesses in a Target-like fashion. The FBI has recently issued a note to retailers, warning that such attacks may be performed in the future as well, so it looks like these attacks are part of a coordinated assault.

The attack may have originated from Eastern Europe, or at least the malware program used was traced back to hackers from the region, although it’s still not known who was behind the Target hack.

Meanwhile, Attorney General Eric Holder on Wednesday confirmed that federal authorities are investigating the data breach at Target, without offering specific details regarding the course of the investigation, USA Today reports.

“The Department of Justice takes seriously reports of any data breach, particularly those involving personally identifiable or financial information, and looks into allegations that are brought to its attention,” Holder told the Senate Judiciary Committee. ”While we generally do not discuss specific matters under investigation, I can confirm the department is investigating the breach involving the U.S. retailer, Target. And we are committed to working to find not only the perpetrators of these sorts of data breaches – but also any individuals and groups who exploit that data via credit card fraud.”

This article was originally published on BGR.com

News

Life

Entertainment

Finance

Sports

New on Yahoo

Target hack not possible without some old-school theft

Recommended Stories

Jamie Dimon is worried the US economy is headed back to the 1970s

Based on the odds, here's what the top 10 picks of the NFL Draft will be

WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not

Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.

Jets trade QB Zach Wilson to Broncos

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

NFL mock draft 2024: With one major trade-up, it's a QB party in the top 5

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal

Here’s when people think old age begins — and why experts think it’s starting later

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock

The new Ford Mustang's V8 is available as a crate engine

Lions' new uniforms get leaked early, and they find some humor in it

Yankees manager Aaron Boone ejected after fan mouths off to home plate umpire

Robert Kraft reportedly warned Falcons owner Arthur Blank not to trust Bill Belichick during head coach interviews

Pass or Fail: Broncos release 'Mile High Collection,' first new uniforms in over 25 years

What US taxpayers will get for another $61 billion to Ukraine

Arch Manning puts on a show in Texas' spring game, throwing for 3 touchdowns