Target didn’t specify how the theft was carried out nor what portal the thieves crept in through to commit the massive theft, which Target first established in mid-December.
But even though goal didn’t give any details of the theft-via-vendor news, its actions point to possible vectors.
Particularly, as the WSJ reported last week, shortly after knowledge of the attack, Target shuttered remote access to two internal systems: a human resources website called eHR and a database for suppliers called Info Retriever.
A spokeswoman told set of connections World that in order to secure its network, in addition to turning off remote access to platforms, Target has also updated access controls.
In-depth details that originally came out of the forensic inquiry were later scrubbed by security firms, but safety blogger Brian Krebs has published copies of the original reports.
At this point, the US Department of Justice (DOJ) is investigating the breach, Attorney General Eric Holder told the US Senate Judiciary Committee on Wednesday.
The DOJ typically doesn’t discuss matters under inquiry, Holder said, but it’s making an exception in the case of this massive breach.
The theft, which apparently started the day before Thanksgiving, 27 November, and reached through the heart of Christmas shopping mania up until 15 December, involved the breach of information including client names, credit or debit card numbers, card expiration dates, and CVVs.
Goal admitted a few weeks ago that it found malware on its point-of-sale (PoS) systems.
In fact, PoS theft is becoming so widespread that the US Federal Bureau of Investigations (FBI) recently warned retailers about it, saying that it’s been seeing the same type of malware cropping up since 2011.
The organization said that over the past year, it’s seen about 20 cases in which data was stolen using the same type of malware as that inserted onto Target’s credit and debit card swiping-machines, cash registers and other PoS equipment.
It’s not going away anytime soon, that’s for sure: the FBI says the profits are huge, and the PoS malware is both too inexpensive and too widely available on underground markets for thieves to resist.
Mind you, we don’t really know yet whether rigged PoS devices are behind either the Target breach or the one that hit Michaels.
It certainly wouldn’t knock anybody’s socks off if PoS malware were to be involved, though.
Visit at : http://www.nigerianspam.com/
As SophosLabs researcher Numaan Huq describes in an article about RAM scraper malware, this type of card scam is ripe for setting us up to get card data plucked from our hands if we pull out the plastic to buy so much as a bar of chocolate.
In fact, “Buy candy, lose your credit card” is the name of a 2014 RSA safety conference session in which Numaan and Chester Wisniewski will be presenting a paper on the industrialization of this exacting type of card fraud, in February.