Target Breach: Credentials Stolen

Retailer Says Stolen Vendor Credentials Used to Conduct Attack
Target Breach: Credentials Stolen

The breach at Target Corp. that compromised as many as 40 million payment card accounts, along with the personal information of about 70 million customers, was the result of hackers stealing electronic credentials from a vendor, the retailer reports.

See Also: OnDemand | Realities of Choosing a Response Provider

"We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor's credentials, which were used to access our system," a Target spokesperson confirmed to The Wall Street Journal.

Target did not reply to a request for comment.

Security blogger Brian Krebs claimed in a Jan. 29 report that the attackers may have taken advantage of a poorly secured feature built into a widely used IT management software product that was running on the retailer's internal network. Krebs makes reference to a report from Dell SecureWorks that analyzed the Target breach.

A Jan. 17 notification from the Federal Bureau of Investigation warned that the basic code used in the point-of-sale malware tied to the breach has been seen by the FBI in cases dating back to at least 2011, according to Krebs.

On Jan. 29, U.S. Attorney General Eric Holder confirmed that the Department of Justice is investigating the Target breach [see: Feds Investigating Target Breach].

"We are committed to working to find not only the perpetrators of these sorts of data breaches, but also any individuals and groups who exploit that data via credit card fraud," Holder said in his Jan. 29 testimony before the U.S. Senate Committee on the Judiciary.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.