Skip to main content

New details emerge on Target data breach


As more details about the data breach at Target begin to trickle out, security firms are developing different theories about the attack. But all parties agree the hackers were highly sophisticated.

The Associated Press reports a global cyber intelligence firm, iSight Partners of Dallas, says the malicious software that infiltrated the point of sale system at registers "almost certainly derived" from the software product known as BlackPOS.

iSight Partners works with the Department of Homeland Security and the U.S. Secret Service. According to the AP, iSight believes the attack appears to have affected a large number of retailers, including Target.

"The use of malware to compromise payment information storage systems is not new, the report said. "However, it is the first time we have seen this attack at this scale and sophistication."

According to the AP, iSight says the software can cover its tracks and organizations may not realize they are infected.

In addition to Target, Neiman Marcus said thieves also stole customers' payment information over the holiday shopping season. iSight does not identify other retailers that may have been affected though.

However, another security firm has a slightly different take.

Seculert says analysis of publicly available access logs indicate Target was the only retailer affected. The report says there is no indication of any relationship to the Neiman Marcus attack.

Seculert says the attack on Target occurred in two distinct phases. The malware initially compromised the point-of-sale equipment at Target then after a six-day pause a second phase hijacked a separate system within Target to transmit the hijacked clientele to an exterior server.

The transmissions occurred several times over a two-week period.

The Pioneer Press reports that security experts were not surprised by the criminals' multi-pronged attack described by Seculert.

Dipto Chakravarty, executive vice president of engineering and products at ThreatTrackSecurity told the Pioneer Press, "I'm not surprised by the two-stage attack on Target. Cybercriminals want to gather all the data first, then in a few motions, download the data. It's a very common attack pattern and likely to become increasingly so."

Target officials are expected to testify in early February in Washington on the breach, according to a press release from the House Commerce, Manufacturing and Trade Subcommittee.

Next Up

Kirill Kaprizov

Wild win battle of NHL's hottest teams, extend winning streak to six

Kirill Kaprizov delivered a shootout winner to take down the Maple Leafs.

Eric Kendricks

Vikings downgrade Eric Kendricks to out against Lions

The Vikings have also activated Michael Pierce from injured reserve.

u.s. attorney

Minnesotan sentenced after assaulting man with baseball bat

Marshall Wayne Boshey was sentenced to 30 months in prison followed by two years of supervised release.

Target store

Target's gift card discount is back, but for this weekend only

The fine print: for Target Circle members only (but membership is free).

Screen Shot 2020-06-15 at 7.11.05 AM

Minneapolis teen arrested in St. Cloud after fleeing police in stolen vehicle

The vehicle was stolen in a car-jacking in Minneapolis Thursday.

snow, blowing snow

Winter storm warnings issued with heavy snow set to slam MN

Parts of northern Minnesota could see more than a foot of snow, but there won't be much in the Twin Cities.

D'Angelo Russell

With KAT out, Timberwolves can't upset Nets

D'Angelo Russell stepped up but couldn't overcome Brooklyn's firepower.

Everson Griffen Vikings dot com

Everson Griffen confirms he has bipolar disorder

"I’ve been running from it a long time. I’m not ashamed of it anymore.”

Angela Renee Jones, St. Cloud murder suspect

St. Cloud suspect now charged in two local murder cases

Both murders happened within a day of each other in June.