Target Data Breach
TARGET DATA BREACH 2013/14
Introduction
There are many types of breaches that can occur when it comes to secure systems and networks. The target breach of 2013/14 was due to human error. It is said that the company had easily stolen credentials. If there was the necessary secure measures taken, this breach could have been stopped. Target did not have an adequate firewall which is why the hackers were able to corrupt the system and steal personal information and credit card information. This whole breach was caused by mistake and the failure to segregate ("Common Types of Breaches | WGA Cyber Risk Hub," n.d.) .
The hackers intent was steal money and they succeeded. Luckily for them, it took target 12 days to realize that someone had hacked into their cash registers and stolen data. By this time, it was too late to do anything. The malicious software program had already stolen the account data ("Target Says Credit Card Data Breach Cost …show more content…
It $162M In 2013-14 | TechCrunch," n.d.) .The hackers first tested the data stealing malware on a small number of registers and then uploaded it to a majority of Targets POS system ("Timeline of Target's Data Breach And Aftermath: How Cybertheft Snowballed For The Giant Retailer," n.d.). During this time, they should have been caught if the company was keeping a close eye on their system.
Analysis
How the Breach Occurred
Target allowed third party access to its network but did not secure it properly allowing criminals to infiltrate the system ("Timeline of Target's Data Breach And Aftermath: How Cybertheft Snowballed For The Giant Retailer," n.d.). This made it easy for the hackers to find a way around their firewall and get into their system. They were able to install malware on its
TARGET DATA BREACH 2013/14 point-of-scale network gaining access to guest payment information and credit card data ("Target breach happened because of a basic network segmentation error | Computerworld," n.d.). This breach was definitely one that could have been stopped. The hackers first tested their malware which is the point in which the company should have found the software and put an end to it. They needed to check their systems daily to make sure that no one had hacked into their system.
Known Losses
In total, target suffered a loss of $162 million.
They also had many class action lawsuits filed against them ("target data breach — Krebs on Security," n.d.). This breach caused target to have suspected losses of confidentiality and integrity. Millions of customers never thought twice about swiping their card at target. They had always just assumed that their information would be kept private and their credit card data would not be compromised. This breach affected 70 million customers. This happened around a major holiday when there were a lot of people shopping for gifts. Because of this breach, some of their customer’s credit cards had to be cancelled and reissued which would have been a hassle. Many people stopped shopping at target for a while until they were confident that everything was done in order to make sure that this would never happen again. Some employees were laid off due to the company needing to pay to get everything fixed and upgrade all of the software that they did not have enough money to keep everyone
employed.
Summary and Conclusion
Target needed to make many technical improvements in order to gain their customers confidence back that no one would be able to hack into the system again before they would shop
TARGET DATA BREACH 2013/14 there again. All together, target committed $100 million to making technology updates and securing the system. They now had to create chip-and-pin technology for its debit and credit cards to keep their credit card information from being used by someone else. There is nothing that target can do about the breach now because what’s done is done but it could have been stopped and it should have been.
There should never be a human error breach that causes a company to lose so much money and lose most of its customers. Once the hackers were testing out their malware, someone should have caught them and put a stop to it but it took them 12 days to even realize that someone was wrong. Customers were hassled by needing to cancel their credit cards and some of their accounts were frozen.
Introduction
There are many types of breaches that can occur when it comes to secure systems and networks. The target breach of 2013/14 was due to human error. It is said that the company had easily stolen credentials. If there was the necessary secure measures taken, this breach could have been stopped. Target did not have an adequate firewall which is why the hackers were able to corrupt the system and steal personal information and credit card information. This whole breach was caused by mistake and the failure to segregate ("Common Types of Breaches | WGA Cyber Risk Hub," n.d.) .
The hackers intent was steal money and they succeeded. Luckily for them, it took target 12 days to realize that someone had hacked into their cash registers and stolen data. By this time, it was too late to do anything. The malicious software program had already stolen the account data ("Target Says Credit Card Data Breach Cost …show more content…
It $162M In 2013-14 | TechCrunch," n.d.) .The hackers first tested the data stealing malware on a small number of registers and then uploaded it to a majority of Targets POS system ("Timeline of Target's Data Breach And Aftermath: How Cybertheft Snowballed For The Giant Retailer," n.d.). During this time, they should have been caught if the company was keeping a close eye on their system.
Analysis
How the Breach Occurred
Target allowed third party access to its network but did not secure it properly allowing criminals to infiltrate the system ("Timeline of Target's Data Breach And Aftermath: How Cybertheft Snowballed For The Giant Retailer," n.d.). This made it easy for the hackers to find a way around their firewall and get into their system. They were able to install malware on its
TARGET DATA BREACH 2013/14 point-of-scale network gaining access to guest payment information and credit card data ("Target breach happened because of a basic network segmentation error | Computerworld," n.d.). This breach was definitely one that could have been stopped. The hackers first tested their malware which is the point in which the company should have found the software and put an end to it. They needed to check their systems daily to make sure that no one had hacked into their system.
Known Losses
In total, target suffered a loss of $162 million.
They also had many class action lawsuits filed against them ("target data breach — Krebs on Security," n.d.). This breach caused target to have suspected losses of confidentiality and integrity. Millions of customers never thought twice about swiping their card at target. They had always just assumed that their information would be kept private and their credit card data would not be compromised. This breach affected 70 million customers. This happened around a major holiday when there were a lot of people shopping for gifts. Because of this breach, some of their customer’s credit cards had to be cancelled and reissued which would have been a hassle. Many people stopped shopping at target for a while until they were confident that everything was done in order to make sure that this would never happen again. Some employees were laid off due to the company needing to pay to get everything fixed and upgrade all of the software that they did not have enough money to keep everyone
employed.
Summary and Conclusion
Target needed to make many technical improvements in order to gain their customers confidence back that no one would be able to hack into the system again before they would shop
TARGET DATA BREACH 2013/14 there again. All together, target committed $100 million to making technology updates and securing the system. They now had to create chip-and-pin technology for its debit and credit cards to keep their credit card information from being used by someone else. There is nothing that target can do about the breach now because what’s done is done but it could have been stopped and it should have been.
There should never be a human error breach that causes a company to lose so much money and lose most of its customers. Once the hackers were testing out their malware, someone should have caught them and put a stop to it but it took them 12 days to even realize that someone was wrong. Customers were hassled by needing to cancel their credit cards and some of their accounts were frozen.