In the year 2013, one of the biggest retail data breaches in history occurred, where Target lost the credit and debit cards of over 40 million customers, along with the personal information of 70 million customers. It all started right before Thanksgiving on November 27, when someone installed malware in Target’s security and payments system that was designed to steal every credit card used at the company’s many stores throughout the United States. When a shopping item was scanned and the cashier processed the credit card number, the malware would apprehend the number, then store it on a Target server hijacked by the hackers (Riley). This went unnoticed for three days until the hackers uploaded extraction malware to move the stolen data, and
…show more content…
In addition, they failed to respond to multiple automated warnings from the company 's antivirus software, that the attackers were installing malicious software and making escape routes for the information they planned to steal (Bloomberg). And during their Congressional hearings, Target admitted it was true that security software did detected potentially malicious activity during the massive data breach, but its staff decided not to take immediate action. With situations like this, it shows how important it is to have a trained workforce with time to appropriately analyze logs that would have uncovered the malware and allowed them to network traffic to lessen losses had the breach still occurred. In the end, Target has felt the impact of this breach for a long time, from having to restructure its security system to making a settlement, where a 10 million dollar fund will be established for victims of the attack. Likewise, after an event like this, let’s hope Target has shown fellow retailers and other enterprises how to avoid this
In addition, they failed to respond to multiple automated warnings from the company 's antivirus software, that the attackers were installing malicious software and making escape routes for the information they planned to steal (Bloomberg). And during their Congressional hearings, Target admitted it was true that security software did detected potentially malicious activity during the massive data breach, but its staff decided not to take immediate action. With situations like this, it shows how important it is to have a trained workforce with time to appropriately analyze logs that would have uncovered the malware and allowed them to network traffic to lessen losses had the breach still occurred. In the end, Target has felt the impact of this breach for a long time, from having to restructure its security system to making a settlement, where a 10 million dollar fund will be established for victims of the attack. Likewise, after an event like this, let’s hope Target has shown fellow retailers and other enterprises how to avoid this