What We Learned from Target's Data Breach 2013 (2024)

In 2013, the infamous Target data breach swept through America, compromising a devastating number of point-of-sale systems and, along with them, over 40 million credit and debit card numbers. Four years later, in 2017, Target reached an $18.5 million multistate settlement requiring it to employ an executive to oversee a comprehensive data security program. The company was also required to hire a third party to encrypt and protect card information, ensuring the data is secured and unreadable if accessed.

Target has since been adopting appropriate measures to keep their customers’ information safe – but it’s important to learn from where they went wrong. So what was Target lacking before? We’ve compiled a comprehensive autopsy: here's our case study, diagnosing several factors and components which led to Target’s massive security breach.

What exactly happened in the Target security breach?

According to Krebs on Security, who first reported the news, the breach involved the acquiring of customer information (encrypted PIN data, customer names, credit and debit card numbers, card expiration dates) stored in the magnetic stripe on the back of their payment cards. Undetectable malware was installed on a number of point-of-sale systems in a short amount of time, which indicates the software may have been installed via an automatic updating process. Since this breach, the U.S. has adopted EMV technology, which would have prevented hackers from acquiring information via the magnetic stripe (in other words, their malware would not have affected the chip card). The perpetrators completed their attack by accessing one of Target’s third-party vendors, a refrigerator contractor, Fazio Mechanical. The vendor accessing Target’s systems was not using adequate anti-malware software, and their lack of segregation between networks led to the compromise of millions of customers’ information.

We can conclude a few things from this:

  • Target’s systems were not protected and thus were vulnerable to phishing attacks
  • Networks were not adequately segregated
  • Several previous warnings were overlooked

What’s interesting to consider about the Target security breach is the fact that Target passed PCI compliance audits prior to the breach and had implemented security methods required by the PCI Security Council.

In a case study on the Target data breach, the SANS Institute Reading Room reacted with this statement: “A comprehensive approach to security will consider all assets, not just those that fall under compliance regulations. Each asset has a specific set of threats and vulnerabilities that can be considered as part of a risk management program, rather than simply implementing what is mandated for a subset of assets. As demonstrated in this breach, many different assets were used to move throughout the network, so consideration of the POS systems alone would not address the root causes that led up to this attack.”

What Target did wrong

How a company responds to a malware infection makes a considerable difference in how an attack may impact their customers and business. The initial response is crucial to minimizing the impact of a malware attack, and it is also one of the areas where Target underperformed.

Target missed several internal alerts, and only discovered their breach when contacted by the Department of Justice. Their monitoring software (FireEye) alerted Target staff in Bangalore, India, who in turn notified staff in Minneapolis: but no action was taken.

Despite the fact that Target reportedly spent a large sum on security technology utilizing encryption, their data was accessed in memory where it was unencrypted.

Damages to the company

While the effects of the breach are everlasting on Target’s security approach, the company faced major losses at the time of occurrence, setting them back greatly during the holiday season. After profits dropped 46 percent during Q4 of 2013, customer visits plunged during the new year, prolonging Target’s losses. High-ranking employees, including Target’s CEO, lost their jobs, and over 140 lawsuits were filed in three years. The Huffington Post estimates the breach had cost $252 million before the lawsuit, including the costs for banks to reissue 21.8 million cards.

How the data breach could have been prevented

A multi-layered security strategy would have prevented, or at least mitigated, the detrimental effects of this breach on Target and its customers.

Focusing on all vulnerabilities

Target’s strategy focused mainly on PCI compliance, while there are sometimes risks that fall outside of the scope of PCI requirements. Standards may also inform adversaries which security measures a business has implemented, so the attacker will capitalize on vulnerabilities not on the PCI compliance checklist.

Implementing tokenization

As also stated by the SANS Reading Room, “For encryption to be effective, you must employ an in-depth defense strategy in which you also protect the key and protect access to systems where the data needs to be unencrypted in order to be processed.”

In the instance of the Target breach, tokenization would have played a crucial role in protecting consumer information. Rather than relying on basic encryption methods, the customer information would have been replaced with unique, irreversible tokens – unable to be accessed and decoded by hackers.

Adapting EMV technology

As mentioned before, an EMV terminal accepting chip cards could have also prevented the theft of information via the magnetic stripe on the back of cards. CardConnect’s CardPointe and Bolt P2PE terminals protect in-store transactions as all sensitive data is instantly encrypted and tokenized upon entry. The terminal accepts both cards with magnetic stripes and EMV chips, utilizing PCI-validated point-to-point encryption (P2PE) for each individual transaction. All transactions captured with the CardPointe and Bolt P2PE terminals are captured in the powerful transaction management portal, CardPointe, in real-time, making it easy to accept and manage transactions. What’s also really important is that CardPointe also keeps its users apprised of the status of their business’s level of PCI compliance.

The final lesson of the Target data breach

It’s important for merchants to understand that the range of security threats can be wider than standard PCI compliance. Monitoring networks and being attentive to disruptive or unusual patterns in a system’s network is crucial to protecting their systems – and in turn, customer data. Target is just one of many companies to have faced a major data breach. Make sure your company or business is protecting your customers the best they can.

If you’d like to discuss how our security solutions can protect your business and customers, fill out the brief form below and our team will connect with you.

FAQs

What We Learned from Target's Data Breach 2013?

The vendor accessing Target's systems was not using adequate anti-malware software, and their lack of segregation between networks led to the compromise of millions of customers' information. We can conclude a few things from this: Target's systems were not protected and thus were vulnerable to phishing attacks.

What lesson can be learned from the 2013 Target breach?

Communicate the problem right away.

Reports show that Target waited days before alerting customers after discovering the problem. One strategic communications expert commented that anytime you are not controlling the release of information, you're also not controlling – or containing – the message.

What did we learn from the Target data breach?

All the facts surrounding this attack have not been disclosed or verified, but it seems likely that two types of malware infected Target's network. One type of malware was installed on POS terminals to steal payment card data and the second type of malware was used to exfiltrate data outside the breached network.

What were some of the known outcomes of the data breach at Target in November and December 2013?

In November and December of 2013, Target Corporation suffered one of the largest cyber breaches to date. The breach that occurred during the busy holiday shopping season resulted in personal and credit card information of approximately 110 million Target customers being compromised.

What are the potential outcomes of a data breach?

A data breach can have a devastating effect on a business. Data breaches can affect the brand's reputation and cause the company to lose customers. Breaches can damage and corrupt databases. Data breaches also can have legal and compliance consequences.

What was the impact of the Target breach?

In 2013, the infamous Target data breach swept through America, compromising a devastating number of point-of-sale systems and along with it, over 40 million credit and debit card numbers.

How did Target respond to the data breach in 2013?

Target did not notify customers of the breach until December 19, four days after identifying it. In his first interview after the breach, Gregg Steinhafel, who served as Chairman, President, and CEO, justified the delay. He explained that the first day “was about making our environment safe and secure.

What did Target do after the data breach?

Several years after the breach, Target agreed to pay $18.5 million to settle claims by 47 states and the District of Columbia and resolve a multi-state investigation. It turned out to be a small settlement as a wave of breaches has escalated both the damage costs incurred by companies and consumers since.

What is the summary of data breaches?

A data breach is an event that results in confidential, private, protected, or sensitive information being exposed to a person not authorized to access it. It can be the consequence of an accidental event or intentional action to steal information from an individual or organization.

What could Target have done to prevent the breach?

Because the attack was spotted early, the whole mess could have been avoided. Except no one did anything. FireEye's automatic malware-deletion function wasn't enabled (which isn't uncommon, as many organizations want a person, rather than a machine, making the decisions), and the alerts were ignored.

Who was behind the 2013 Target data breach?

An expert from Verizon who helped investigate the hack said the files tested in Scan4You were likely used to figure out where payment information was stored. Cybersecurity experts have said the hacker, identified in court as “Profile 958,” is likely a Ukrainian named Andrey Hodirevski.

What was the major data breach in 2013?

In 2013, Target shoppers were targeted by hackers during the post-Thanksgiving holiday shopping spree, who compromised approximately 40 million credit and debit card numbers. In addition to card numbers, the cyber theft included customer names, expiration dates and CVVs.

Which of the following could be the results of a data breach?

Data breaches can result in serious, lasting problems including damaged reputation, financial loss, disruptions in operations, legal ramifications, and loss of intellectual property. Today, many organizations implement cybersecurity best practices to help prevent data breaches.

What are the impacts of data breaches?

Depending on the type of data involved, the consequences can include destruction or corruption of databases, the leaking of confidential information, the theft of intellectual property and regulatory requirements to notify and possibly compensate those affected.

What is most likely to result in a data breach?

Weak and stolen credentials

Although hacking attacks are frequently cited as the leading cause of data breaches, it's often the vulnerability of compromised or weak passwords or personal data that opportunistic hackers exploit.

What are 4 damaging after effects of a data breach?

Some of the more damaging consequences of data breach include:
  • Data Breach Consequences: The Toll on Financial Loss. ...
  • Consequences of Data Breach: The Impact on Reputational Damage. ...
  • Data Breach Consequences: The Disruptive Effect of Operational Downtime. ...
  • Consequences of Data Breach: Legal Implications and Actions.

What is the lessons learned phase of incident response?

Lessons learned is the final stage of the incident response workflow, where a post-incident analysis allows teams to debrief on what happened, what went well — and what didn't — and explore options for improving the organization's defense processes moving forward.

How did Target recover from a data breach?

Target bounces back

A loyal customer base and the strong brand reputation provided Target a foundation of support during its 2013 crisis. “The retailer's positive relationships with customers helped to mitigate the impact of the breach on its reputation and customer trust,” she said.

Article information

Author: Duncan Muller
