Home Business IT Security A target for hackers

Global retail store giant Target USA’s point of sale system was hacked in December – more than 40 million US customers card and other details have been breached, apparently by a Ukrainian crime syndicate.

A note to Australian readers – Target Australia is owned by Wesfarmers (Coles, Kmart, OfficeWorks and Bunnings) and uses a different web site and technology – this article is about the vulnerability of online sites and point of sale sytems and shows even a reputable company such as Target USA can struggle to in its duty of care to shoppers.

As is custom in the US a growing list of class actions – 40 at last count - seeks to punish the company for failing to protect shopper’s data.

Target has not revealed the full extent of the data stolen. Other reports state that customer names, credit or debit card numbers, expiration dates and CVVs were involved in the information theft – all used for false credit card transactions. Target says that this was encrypted and is safe.

An FTC (Federal Trade Commission) report uses the words “What the hackers obtained is as good as gold.” The lawsuits - all positively phrased to accentuate the potential for loss of course - suggest that the affected customers will have to worry about data security for years.

It is not clear how the hack occurred but it has been suggested that malware was responsible. Malware can be manually loaded by someone with access to the corporate network, or more worryingly, from an internet connected device somewhere on Target’s network. If it is the latter, it could set back the cause of Bring Your Own Device considerably.

Target has engaged a third party to track down the cause – but it should release its findings quickly - customers deserve to know what happened and how future attacks will be prevented.

Target is also establishing a credit card monitoring program but details are not available yet.

Apparently, master phishers have been quick to spam Target customers purporting to be from Target asking for social security number, credit card number, and/or other personal information.

Opinion

The internet is a dangerous place – I am sure Target USA did everything it could to secure its systems.

Add that to recent hacks at Snapchat, Skype, Twitter, Facebook and the paranoia gauge goes off the chart.

The kicker is that if such a big fish can be hacked then what about the minnows that we use every day for on-line shopping.

Online security will be a hot topic in 2014.

FREE - SYDNEY & MELBOURNE BUSINESS INTELLIGENCE EVENTS

The Holy Grail of the Business Intelligence (BI) industry – pervasive deployments and widespread end-user adoption – has remained an illusive dream for years. Until now!

REGISTER & SECURE YOU PLACE / BRING A FRIEND

Melbourne - venue Captain Melville’s CBD 2:30 – 6:00pm, Tuesday 28th April

Sydney - venue Redoak CBD 2:30 – 6:00pm, Thursday 30th April

DON'T MISS OUT - MELBOURNE REGISTER NOW!

DON'T MISS OUT - SYDNEY REGISTER NOW!

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect