Vendor linked to Target breach: 'We are a victim of a sophisticated cyber attack'

Author:
Updated:
Original:

A Pennsylvania refrigeration, heating and air conditioning company that was linked to the massive Target data breach earlier this week confirmed it was also a victim of a "cyber attack."

Security blogger Brian Krebs called out Fazio Mechanical Services Inc. of Sharpsburg on Wednesday, saying the hackers who snatched personal and financial information belonging to millions of Target shoppers gained access to Target's network using credentials stolen from Fazio.

"Like Target, we are a victim of a sophisticated cyber attack operation," Ross Fazio, Fazio's president and owner, said in a written statement. "We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive initiatives that will further enhance the security of client/vendor connections making them less vulnerable to future breaches."

The subcontractor worked at a number of Target locations and other top retailers, according to Krebs. An anonymous cyber security expert told Krebs that it is common for large retail operations to have a team that monitors energy consumption and temperatures in stores. To do this, "vendors need to be able to remote into the system," the expert said.

However, Fazio said it does not perform remote monitoring or control heating, cooling and refrigeration systems for Target.

"Our data connection with Target was exclusively for electronic billing, contract submission and project management," Fazio said.

The company says no other customers have been affected by the breach.

The U.S. Secret Service has confirmed an investigation into Fazio, but wouldn't provide further details, the Associated Press reports. Minneapolis-based Target and the U.S. Attorney's Office also declined to comment.

Next Up

protest, Daunte Wright

LIVE UPDATES: Protesters, police clash in Brooklyn Center

Tracking Monday night's clashing between law enforcement and demonstrators.

Tim Gannon

Brooklyn Center recommends firing police chief and officer who shot Daunte Wright

The new acting city manager will make the decision on Tuesday.

Screen Shot 2021-04-12 at 8.54.21 PM

Cop who fatally shot Daunte Wright identified as Kim Potter

She is a 26-year veteran on the police force.

Screen Shot 2021-04-12 at 6.36.53 PM

Chauvin trial: Cardiologist among witnesses as prosecution draws to close

Judge Peter Cahill also rejected the defense's motion to sequester the jury on Monday following a fatal police shooting in Brooklyn Center.

Screen Shot 2021-04-12 at 8.27.03 AM

Medical examiner: Wright died of gunshot wound to the chest

The 20-year-old was killed by a police officer on Sunday, April 11.

Screen Shot 2021-04-12 at 5.44.29 PM

Brooklyn Center fires city manager following Daunte Wright killing

The mayor has taken swift action after being granted extra powers by the city council on Monday.

Brooklyn Center unrest

National Guard presence in Twin Cities to double; 25-30 arrested on Sunday

Gov. Tim Walz said it's 'devastating and heartbreaking that we're here once again' following the killing of Daunte Wright.

Tim Gannon

Brooklyn Center police chief: 'Once we got pelted, we responded in kind'

The police presence will be enhanced Monday and beyond.

Screen Shot 2021-04-12 at 12.05.47 PM

Chief: Officer who killed Daunte Wright meant to use Taser, pulled gun by mistake

Chief Tim Gannon provided the update as Brooklyn Center PD released bodycam footage of Daunte Wright's death.

Related