Home Business IT Security A target for hackers

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


Global retail store giant Target USA’s point of sale system was hacked in December – more than 40 million US customers card and other details have been breached, apparently by a Ukrainian crime syndicate.

A note to Australian readers – Target Australia is owned by Wesfarmers (Coles, Kmart, OfficeWorks and Bunnings) and uses a different web site and technology – this article is about the vulnerability of online sites and point of sale sytems and shows even a reputable company such as Target USA can struggle to in its duty of care to shoppers.

As is custom in the US a growing list of class actions – 40 at last count - seeks to punish the company for failing to protect shopper’s data.

Target has not revealed the full extent of the data stolen. Other reports state that customer names, credit or debit card numbers, expiration dates and CVVs were involved in the information theft – all used for false credit card transactions. Target says that this was encrypted and is safe.

An FTC (Federal Trade Commission) report uses the words “What the hackers obtained is as good as gold.” The lawsuits - all positively phrased to accentuate the potential for loss of course - suggest that the affected customers will have to worry about data security for years.

It is not clear how the hack occurred but it has been suggested that malware was responsible. Malware can be manually loaded by someone with access to the corporate network, or more worryingly, from an internet connected device somewhere on Target’s network. If it is the latter, it could set back the cause of Bring Your Own Device considerably.

Target has engaged a third party to track down the cause – but it should release its findings quickly - customers deserve to know what happened and how future attacks will be prevented.

Target is also establishing a credit card monitoring program but details are not available yet.

Apparently, master phishers have been quick to spam Target customers purporting to be from Target asking for social security number, credit card number, and/or other personal information.

Opinion

The internet is a dangerous place – I am sure Target USA did everything it could to secure its systems.

Add that to recent hacks at Snapchat, Skype, Twitter, Facebook and the paranoia gauge goes off the chart.

The kicker is that if such a big fish can be hacked then what about the minnows that we use every day for on-line shopping.

Online security will be a hot topic in 2014.

ITWIRE SERIES - REVENUE-CRITICAL APPS UNDERPERFORMING?

Avoid War Room Scenarios and improve handling of critical application problems:

• Track all transactions, end-to-end, all the time and know what your users experience 24/7

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Optimize your most important applications, Java, .NET, PHP, C/C++ and many more

Start your free trial today!

CLICK FOR FREE TRIAL!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect