Even though police have arrested two people in Texas who have used stolen Target credit card information, the hackers behind the breach will likely never be found, AP reports. The breach, in which 40 million credit and debit card numbers were stolen along with the personal information for 70 million customers, was likely carried about out by Russian or Eastern European hackers. These hackers are likely part of a complex heirarchy that keeps them several layers removed from the arrested card users. More →
The Target data breach may be just the tip of the iceberg in what seems to be a massive sophisticated attack on U.S. retailers that may have possibly originated in Russia, according to newly discovered evidence. The Wall Street Journal reports that federal and private investigators who are looking into the matter have discovered that parts of the malware used to hit Target has been available on the black market since last spring, and was written in Russian, leading them to believe the attack may have ties to organized crime in the former Soviet Union. More →
The security breach at Neiman Marcus, which wasn’t acknowledged officially until a few days ago, went on for much longer than initially believed, the New York Times reports. While the retail store is yet to confirm to the public when the system was first hacked, it told credit card companies in a conference call on Monday that it all started in mid-July and that it wasn’t fully contained until Sunday, unnamed sources revealed. In its initial disclosure to the public, Neiman Marcus said it first learned about the breach in mid-December although it only decided to reveal it in January. In its notes to customers, the retailer said that key personal data, including Social Security numbers and birth dates, were not compromised. Furthermore, the company said that it doesn’t collect card PINs in its stores, and that it had “no knowledge of any connection” between the Target hack and the one it suffered. The retail chain is yet to reveal how many credit and debit cards were compromised during the attack. More →
More unofficial details about the late 2013 Target hack that exposed up to 40 million credit and debit cards and personal data for up to 70 million customers have started to surface, Krebs on Security reports, revealing that a piece of malware that’s “nearly identical” to a 207kb malicious program sold on the black market with prices starting at $1,800 may have been responsible for the massive card data breach. More →
As has been widely reported over the past month, Target was the target of a major security breach that compromised credit and debit card data belonging to a staggering 70 million consumers. The attack took place during the busy holiday shopping season and as was discovered late last month, many of the cards impacted by the breach are already being sold on the black market along with associated sensitive cardholder data. This is a huge breach with obvious widespread implications for a shockingly large number of American consumers — 70 million represents more than 20% of the U.S. population. If you think you may be among those affected, however, there are some steps you can take to protect yourself. More →
Target was not the only retail chain under attack during the 2013 Black Friday hack, with Neiman Marcus and other unnamed retailers confirmed to have been hit in a similar fashion. Target has recently confirmed that hackers managed to steal personal data belonging to 70 million people during the attack, after initially saying they stole credit and debit card data belonging to up to 40 million customers, including encrypted keys.
Target on Friday further revealed the scope of the hacking attack it suffered during the busy 2012 Black Friday and Christmas shopping season, saying that additional personal data has been stolen by hackers, on top of credit/debit card information and encrypted pins. The company said that the stolen info includes names, mailing addresses and phone numbers or email address from as many as 70 million Target customers. The number is significantly higher than the previous estimate, which suggested that up to 40 million credit and debit card numbers were stolen. More →
Target on Friday confirmed that hackers managed to steal encrypted data including encrypted PINs, as reported by Reuters earlier this week, but added that the PIN numbers are still safe and hackers shouldn’t be able to use the information to compromise debit cards. According to the retailer, the PIN information is encrypted at the keypad and it remains encrypted within the system until it is decrypted only by the external payment processing company. The PINs were encrypted with Triple DES, “a highly secure encryption standard used broadly throughout the U.S.” More →
The hackers who managed to steal data for up to 40 million credit cards used in Target stores on Black Friday and in following weeks have reportedly accessed the associated encrypted personal identification numbers (PINs) as well, which could be cracked and used to make fraudulent withdrawals. Reuters revealed the news in a recent report, which cited “a senior payments executive familiar with the situation.” However, Target says that unencrypted PINs were not accessed during the “sophisticated” digital heist and that there was no evidence that PINs were compromised, even if encrypted data that may have or may have not contained encrypted PINs was stolen. More →
Target confirmed earlier this week that approximately 40 million credit card and debit card numbers belonging to patrons who shopped in the company’s stores on or around Black Friday were stolen in a massive security breach that took place between November 27th and December 15th. Now, the reporter who broke the story is back with some more bad news for Target customers: Those stolen credit card numbers and associated data are now available for sale on several black market websites. More →
UPDATE: Target on Thursday confirmed that 40 million credit and debit cards were breached between November 27 and December 15, ZDNet reports, with hackers stealing personal data including customer name, credit/debit card number, expiration date and the three-digit security code.
Millions of Black Friday Target shoppers may be at risk, multiple reports reveal, as hackers may have targeted the giant retail chain’ stores during one of the busiest shopping days of the year, potentially walking away with important credit card and debit card data. Krebs on Security says that the data breach extends to “nearly all Target locations nationwide,” and occurred from Thanksgiving 2013 to December 6, although it could have been extended up to December 15. More →
According to National Retail Federation, shoppers spent about $1.7 billion less during the Thanksgiving weekend than they did in 2012. The sluggish weekend was anticipated, because Amazon and Walmart had started relatively aggressive promotions well before Black Friday. Nevertheless, the NRF numbers leave the fate of this winter shopping season very much up in the air. According to group, the number of people shopping either online or in the real world ticked up 1% over the last year’s period. But weekend spending dropped by a rather sharp 16 bucks to $407.55 per consumer. More →
Last week rumors began to circulate that Apple was planning to open itsy bitsy retail stores in as many as 25 Target locations. During a presentation on Thursday, Target confirmed that it will have 25 stores featuring “special displays” of Apple products. Neither company has provided details on the partnership, however it will likely be similar to Apple’s deal with Best Buy, which sells the company’s products from dedicated mini stores within more than 600 Best Buy locations. More →