Fresh Facts Emerging from Target Hack Should Scare Payment-Card Using Consumers

Fresh Facts Emerging from Target Hack Should Scare Payment-Card Using ConsumersThe unraveling cyber-theft saga that started with the historic hack on U.S. Target stores is ballooning so much that consumers who use credit or debit cards should be concerned next time they make non-cash purchases at brick-and-mortar retailers.
Both Target and Neiman Marcus are under fire for not coming forward sooner about the security breaches. The attacks were made public thanks to Brian Krebs, the independent cybersecurity investigator/journalist.
The New York Times reported Friday that Target didn’t have a clue about the breach until the Secret Service alerted the nation’s No. 3 retailer about two weeks before Christmas. The hack was initiated over the Thanksgiving holiday shopping weekend.
U.S. investigators had been tracking these cyber criminals overseas. The suspicious credit activity spotted in December provided one common element that stood out: charges and payments made by customers at Target stores.
Another month would go by after the Secret Service let Target in on the breach for investigators to release a report on the Target hack, revealing this week that the theft of 40 million credit and debit cards was only part of a wider hacking campaign focused on several retailers.
“The fact that it took almost a month for details to come out about what actually hit Target is inexcusable,” Krebs told The Huffington Post. “Target should have told the rest of the retail industry weeks ago.”
IntelCrawler, a cyber-security firm, reported Friday that it found six other retailers that had been hacked with the same  malware used in the Target attack. IntelCrawler did not identify the retailers.
The Times said the malware, known as a memory scraper, is also known as Kaptoxa, which is Russian slang for “potato” and is often used by underground criminals to refer to credit cards.
The cyber criminals waited six days before extracting the customer card account data from the Target infected server and moving it to a web server that was itself infected with malware. From there, they moved the data to a server in Russia that served as a proxy to hide the criminals’ true whereabouts, The Times reports, based on information from Aviv Raff, the chief technology officer at Seculert, a security company in Israel that has been investigating the malware used on Target’s systems.
The Times: “Within two weeks, criminals had taken 11 gigabytes worth of Target’s customer data: less than the amount of memory on Apple’s iPad Mini, but enough to contain 40 million payment card records, encrypted PINs and 70 million records containing Target customers’ information.”

Leave a Reply

Your email address will not be published. Required fields are marked *