Friday, December 20, 2013

CYBERTHEFT - Target Inc. Gets Hacked For Customer Credit Card Info

"U.S. consumers have many protections but no guarantees against credit card fraud" PBS Newshour 12/19/2013


GWEN IFILL (Newshour):  The retail chain Target confirmed that hackers breached tens of millions of credit card and debit accounts at the height of the shopping season, just before Thanksgiving and right up until Dec. 15.

The theft occurred when people swiped their cards in store, not online.  The retailer confirmed that customers' names, credit card and debit card numbers and security codes were stolen.  It's the latest in a series of major breaches in recent years.

We explore them with Steve Surdu of Mandiant, a cyber-security firm.

How did 40 million accounts get compromised?

STEVE SURDU, Mandiant:  Well, we don't know the details at this point in time.  They're still investigating.

But, obviously, information had to be siphoned off from the organization.  Attackers almost certainly came in from outside, put software in place that allowed them to aggregate the information over time and then remove it, so that they could use it.

THAT IS:  Hackers installed a Trojan virus that allowed external access to Target systems.

No comments: