New York Times Reveals How the Target Hackers Did It

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Target hackingIn a riveting article, The New York Times provides a detailed report unveiling how Eastern European hackers were able to gain access to financial and personal data for 110 million Target customers, with little trouble.

For about a year, the hackers spent time and energy trying to crack into the networks of major American retailers. Much to the delight of the hackers, they found that Target had been using simple passwords on their remote-access servers.

Once they exposed the simple passwords, gaining access to the rest of Target’s network was simple. The hackers swiftly moved to Target’s customer data, accessing the in-store systems, containing consumer’s credit card and PIN numbers. The fruit of their labor was astonishing:

  • 100 million consumers affected
  • 70 million consumers’ credit card information obtained
  • 40 million consumers’ personal data gathered
  • $18 billion dollars in damages to banks and retailers

All Too Easy

The software, supposedly developed by a Russian teenager, called Kaptoxa, allowed the hackers to steal customer data directly off the magnetic strips of credit cards, which is normally sent to banks and credit card companies. In a hijacked server on the Target network, the hackers then stored this information.

Then, nothing. Weeks passed and Target had no idea their network had been breached. Consumers were flocking to the superstore to take advantage of holiday sales. It was only when the Secret Service contacted Target did they become aware about the huge security breach and how their consumers were unsuspecting victims.

Cleaning Up the Mess

Immediately, Target brought in security experts to figure out what had happened, how the hackers did it, and most importantly, how to stop it. The experts were able to track down the malware, delete it, and change all of the network passwords.

Target went public with the news on December 19, and the public response was both overwhelming and overwhelmingly negative. Over 70 lawsuits, many of them class action suits, have been filed against Target. In an effort to manage their customers concerns, Target has offered one year of free credit monitoring and identity theft protection to all consumers. Target will also invest $5 million to launch a campaign to educate consumers about cybersecurity and the dangers of phishing scams.

Unfortunately, security experts expect that the stolen credit card information will be available on hacker websites for at least a year.

Remember, your data is only as secure as your weakest password. We can only hope that all retailers storing our credit card information have finally learned this.

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Kent Lawson

Kent Lawson is the CEO & Chairman of Private Communications Corporation and creator of its flagship software PRIVATE WiFi. He combined his extensive business and technical experience to develop PRIVATE WiFi in 2010. The software is an easy-to-use Virtual Private Network (VPN) that protects your sensitive personal information whenever you’re connected to a public WiFi network. Follow Kent on Twitter: @KentLawson.