Target breach enabled by stolen vendor credentials

by. David Morrison

Credentials stolen from a Target vendor were used to gain access to the retailer’s computer systems and steal millions of card accounts.

“We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor’s credentials which were used to access our system,” wrote Target spokesman Molly Snyder in an email, adding the retailer had already removed the malware from its system.

The report echoes what the FBI reported in a confidential report to retailers earlier this month, which said even malware that can infect POS terminals to steal data generally still needs help to infect computer systems. In order for such a malware package to get onto a system, the FBI wrote, it must first enter through a more conventional security breach such as a one exposed in a successful phishing attack or conventional compromise of a website.

This suggests the best way to prevent sophisticated data theft attacks may be to double down on familiar types of internet security, such as not opening email from unknown people. The loss of credentials should also be reported immediately.

But as familiar as those precautions may be, one credit union security executive pointed out that while driving, people have long known they are supposed to signal changing lanes, but many do not.

continue reading »

More News