Updated:
Original:

New details emerge on Target data breach

Author:

As more details about the data breach at Target begin to trickle out, security firms are developing different theories about the attack. But all parties agree the hackers were highly sophisticated.

The Associated Press reports a global cyber intelligence firm, iSight Partners of Dallas, says the malicious software that infiltrated the point of sale system at registers "almost certainly derived" from the software product known as BlackPOS.

iSight Partners works with the Department of Homeland Security and the U.S. Secret Service. According to the AP, iSight believes the attack appears to have affected a large number of retailers, including Target.

"The use of malware to compromise payment information storage systems is not new, the report said. "However, it is the first time we have seen this attack at this scale and sophistication."

According to the AP, iSight says the software can cover its tracks and organizations may not realize they are infected.

In addition to Target, Neiman Marcus said thieves also stole customers' payment information over the holiday shopping season. iSight does not identify other retailers that may have been affected though.

However, another security firm has a slightly different take.

Seculert says analysis of publicly available access logs indicate Target was the only retailer affected. The report says there is no indication of any relationship to the Neiman Marcus attack.

Seculert says the attack on Target occurred in two distinct phases. The malware initially compromised the point-of-sale equipment at Target then after a six-day pause a second phase hijacked a separate system within Target to transmit the hijacked clientele to an exterior server.

The transmissions occurred several times over a two-week period.

The Pioneer Press reports that security experts were not surprised by the criminals' multi-pronged attack described by Seculert.

Dipto Chakravarty, executive vice president of engineering and products at ThreatTrackSecurity told the Pioneer Press, "I'm not surprised by the two-stage attack on Target. Cybercriminals want to gather all the data first, then in a few motions, download the data. It's a very common attack pattern and likely to become increasingly so."

Target officials are expected to testify in early February in Washington on the breach, according to a press release from the House Commerce, Manufacturing and Trade Subcommittee.

Next Up

Maple Grove Police Department

Maple Grove-based businessman convicted of shooting wife to death

Wiseman owns properties in both Minnesota, Nevada and China.

betty and earls biscuits facebook

Jason Matheson's biscuit shop to briefly close ahead of relaunch

Betty & Earl's will shut down for two weeks before reopening under a new name.

Simon Merino Go Fund Me

Worker dies in forklift accident at paper recycling business

The victim was described as a loving father of two who was devoted to his church.

rosie means - go fund me

Authorities ID woman killed by hit-and-run driver who ran red light

A fundraiser was created to support the family after the "sudden and senseless loss."

Prior Lake Football

Watch: Prior Lake stuns Rosemount with last-second hook and ladder

The Lakers dusted off an old favorite to get a victory on Thursday night.

unsplas - maple leaf frost fall lawn

MN gets its first frost advisories, freeze warnings of the season

The coldest spots could dip to below 30 degrees overnight.

Fleck

Ahead of Big Ten clash, Huskers fans spend their Friday mocking PJ Fleck

Huskers fans are in a playful mood ahead of Saturday's game.

Jamal Smith

New 1st-degree murder charge for man accused in youth coach's killing

A grand jury indicted the suspect in connection with the shooting of Jay Boughton.

trick or treating halloween

COVID: Mayo Clinic's tips for staying safe while trick-or-treating

A layered approach, especially for those who aren't vaccinated, is recommended.

Walz

'My patience level is gone': Walz calls on lawmakers to help hospital strain

The governor said only legislators can enact some of the needed measures.

landscape-g555db6b6e_1280

Jeep driver dies after hitting two deer, rolling into oncoming vehicle

As the SUV rolled, it struck another vehicle approaching the other direction.

carver county dog

Family's dog 'senselessly' killed with arrow in Carver County

The beloved dog was shot with an arrow on Tuesday.

Related