Information Security Breach Case Study

Information Security Breach these days has been a popular subject in news. Almost every companies have been hacked, if not yet, they should not consider themselves as more secure than others that have already been there. In December 2013, Target was one of the victims with more than 40 million credit cards and debit cards that were stolen by malicious people. Just right before Thanksgiving a malware was installed inside target database. So between November and December 2013, over 11GB of critical information was taken. The sad thing is that the company did not notice, even with the international alert, it still missed to take proper measures to stop the process. Private data for more than million customers was compromised from its data point of sales (POS). This paper will detail the reason why the breach happened, how target would have prevented the threat and mitigate the attack so it cannot happened again (Greenberg, 2014).
What was the cause of this security breach? Apparently, Target did not have proper network segregation which means …show more content…
Defense in depth is recommended in order to make it difficult for hackers to access the network, and easier for security staff to detect the invasion; since multiple layers of protection would be implemented. For instance, with the defense in depth, data would have not been accessed so easily or without any sort of alert (Vijayan, 2014). By the time the first, second, and third layers were accessed, information security staffs would be notified, and in addition, hackers would have been tired, trying to reach the intended destination. The control must be applied in both the technology and the employees as well; people charged to perform auditing, management of the system and mostly those in charge of incident response are supposed to be involved (Rachidel,