Skip to main content

New details emerge on Target data breach

  • Author:
  • Updated:
    Original:

As more details about the data breach at Target begin to trickle out, security firms are developing different theories about the attack. But all parties agree the hackers were highly sophisticated.

The Associated Press reports a global cyber intelligence firm, iSight Partners of Dallas, says the malicious software that infiltrated the point of sale system at registers "almost certainly derived" from the software product known as BlackPOS.

iSight Partners works with the Department of Homeland Security and the U.S. Secret Service. According to the AP, iSight believes the attack appears to have affected a large number of retailers, including Target.

"The use of malware to compromise payment information storage systems is not new, the report said. "However, it is the first time we have seen this attack at this scale and sophistication."

According to the AP, iSight says the software can cover its tracks and organizations may not realize they are infected.

In addition to Target, Neiman Marcus said thieves also stole customers' payment information over the holiday shopping season. iSight does not identify other retailers that may have been affected though.

However, another security firm has a slightly different take.

Seculert says analysis of publicly available access logs indicate Target was the only retailer affected. The report says there is no indication of any relationship to the Neiman Marcus attack.

Seculert says the attack on Target occurred in two distinct phases. The malware initially compromised the point-of-sale equipment at Target then after a six-day pause a second phase hijacked a separate system within Target to transmit the hijacked clientele to an exterior server.

The transmissions occurred several times over a two-week period.

The Pioneer Press reports that security experts were not surprised by the criminals' multi-pronged attack described by Seculert.

Dipto Chakravarty, executive vice president of engineering and products at ThreatTrackSecurity told the Pioneer Press, "I'm not surprised by the two-stage attack on Target. Cybercriminals want to gather all the data first, then in a few motions, download the data. It's a very common attack pattern and likely to become increasingly so."

Target officials are expected to testify in early February in Washington on the breach, according to a press release from the House Commerce, Manufacturing and Trade Subcommittee.

Next Up

Screen Shot 2022-08-12 at 1.58.08 PM

2 ejected, 1 killed in crash that closed southbound I-35

The State Patrol says neither were wearing seat belts.

best buy

Best Buy makes job cuts weeks after warning of soft sales

The Richfield retailer has been dealing with a shift in consumer trends.

Screen Shot 2022-08-12 at 10.26.20 PM

Man makes 'vague comments' about Jewish people, smashes own car with club

It happened at a course that was founded as a Jewish country club 100 years ago.

Screen Shot 2022-08-12 at 9.59.07 PM

4 abandoned puppies found in a bucket in Willmar

The puppies were in good health when they were discovered.

Minneapolis police

Suspect of home invasion, murder in Minneapolis arrested in Wisconsin

There have been 57 deaths reported as homicides in Minneapolis this year.

Carson McCoy

Charges: Man stole handgun from house, fired at motorcyclists from car

A chaotic scene that led to a police chase unfolded after an alleged burglary in Ham Lake.

Mounds view 7 - crime scene

BCA's Uniform Crime Report shows violent crime in MN spiked in 2021

The report details violent crime trends in the seven-county metro and Greater Minnesota.

Screen Shot 2022-08-12 at 4.49.22 PM

Search for vulnerable man, 66, missing from Brooklyn Park

Alex Ramirez was last seen in the early hours of Thursday morning.

St. Cloud Times

St. Cloud Times writing staff hit by Gannett budget cuts

Mass layoffs were expected at Gannett-owned outlets across the country.

PoolScammerLawsuitAG

Pool company sued by AG for allegedly scamming homeowners out of $1M-plus

According to the lawsuit, 17 Minnesota homeowners were affected by this scam.

Related