I’ve been following this from the start and knew there was much more to the story than what was first being reported. Even though I was planning to write this blog post, I thought it would be prudent to wait for more information to come out.
Let me begin by telling you that if you still think this is just about Target Corp, or is related only to the Target RedCard or to those who shopped at Target from Thanksgiving of last year to the middle of December, you will be getting a reality check. You’re wrong.
Here is what we know (as of 1/17/2014): Starting on the day after Thanksgiving of this last year, commonly referred to as “Black Friday” (November 29, 2013), an unknown individual or group(s) of people committed a very organized and sophisticated attack by gaining access to Target computer systems. Specifically, a pretty comprehensive piece of malicious software called a Trojan (a program that causes damage or compromises the security of a computer), known by the name Trojan.POSRAM, a modified version of the BlackPOS malware, was installed on certain POS devices to record (memory scraping) all credit data swiped on that POS system. Reports are saying this tool, created by someone calling themselves “Antikiller”, infected Target’s checkout registers (POS – Point of Sale) and had the ability to obtain 40 million credit and debit card numbers, security codes (CVV) and other personal details such as email and home addresses of up to 110 million Target customers without security programs detecting it. Security researchers are now reporting that text found in samples contained the term “Rescator”. It’s believed this is the name of a person in Ukraine selling this malware on the black market for around two thousand dollars to anyone willing to pay.
Not long after this malware went on sale, almost every major financial institution, including banks and credit card companies, was being compromised. But who is using it against Target? It’s not known at this time. It’s not publicly known what type of software Target uses to run its POS systems or internal networks, nor how they were accessed, but sources are saying the U.S. retail market traditionally uses a system called “Domain Center of Excellence”. What has been reported publicly is that Target’s Canadian stores use a payment device from Retalix, a subsidiary of payment company NCR/Radiant System, which has devices in millions of convenience stores, clothing retailers and other businesses.
So I’m only speculating at this point, but if these devices have been infected and whatever internal system Target uses is hacked, what is to say these same attacks will not occur elsewhere? It was later reported that high-end retailer Neiman Marcus was attacked as early as July 2013 and that the attack was not completely contained until January 12, 2014. Because this attack shares several similar details with the Target incident, investigators think they are linked. Attacks on Target go back to 2005, when Albert Gonzalez and two Russian accomplices attacked Target, TJ Maxx and six or so other companies, taking data on more than 120 million credit and debit accounts. How could Target have let this happen again?! Their reactionary measures were poor, putting a band-aid on a flesh wound. In other words, rather than updating a poor system that would be expensive to overhaul, they just kicked the can down the road within PCI standards (credit card processing guidelines). These standards are not working. Target has yet to reveal any other details, but suffice it to say these hackers had weeks to cruise around the inner workings of the Target network. To err on the side of caution, it has to be assumed at this point that the entire network is compromised, says security researcher Ken Westin. To Target’s credit, their investigative department is impressive as far as forensics go, even compared to federal agencies like the FBI. Target discovered the breach on or around December 15, 2013, then isolated it, secured it and reported it by December 19th. The damage was already done multiple times over, but the response was next to extraordinary.
Here is what you can do: In response, Target has created web pages to keep its customers and the public informed, with tips and a FAQ page. What you need to do is err on the side of caution yourselves and assume all your credit and debit cards and their associated accounts have been compromised. This is just as much about gaining stolen credit card data as it is about gaining personal identities. You need to diligently review your statements with a fine-tooth comb for activity you don’t recognize. You should be doing this anyway as a cautionary step in the digital information age we live in, but more so right now. So start this habit and never get lazy. The next thing you should do is assume the plastic you have has been stolen and get all new cards with all new numbers. Experts suggest doing this if the worst has happened and your information has been stolen; I say don’t be the victim. If you can’t, at least change your PIN. Of course this can easily happen again with your new cards, but reviewing your statements can help, and the credit industry has been increasingly considering moving to all “smart cards”. What’s a smart card? I’m sure some of you already have one or have seen them; it’s just like a regular card but has a built-in computer chip vs. a PIN or security code. Currently Europe uses them the most. So why don’t we just have them now? For one reason, it’s expensive. For another, the technology and overhead to convert all the cards in use will take some time to institute.
The next thing you can do, and should already be doing, is check your credit report. Yes, it’s been said that doing this too much can hurt your credit score, but there is a difference between hard inquiries and soft inquiries. A hard inquiry is initiated when you apply for a credit card or loan; a soft inquiry is one where no lending decision is being made. Soft checks do not affect your FICO score. You can even check your credit report once a year for free at annualcreditreport.com, and Target issued a statement offering free credit monitoring for those affected by their breach.
If you are a Target RedCard or other Target credit holder and think you may be among the 70 million folks whose data was stolen, you need to contact Target RIGHT NOW if you haven’t already done so. The same goes if you have been attacked elsewhere in an unrelated attack: contact that merchant after you contact your financial institution. In conclusion, I wish I could say there is something you can do to prevent this from happening, but there really isn’t. You can stop using plastic altogether, but if you’re like me, in this day and age it isn’t realistic. Experts suggest you consider not enrolling in retailer loyalty programs that tie together your personal information and/or financial account information. The full details of this attack are not yet known but, as with all things, never become complacent when it comes to your personal information. For more information about cyber security, follow my blog at lutchenpc.com or contact me at david@lutchenpc.com