Target Breach Case Study

Our group decided to discuss the Target breach. This breach occurred in 2013 when they stated hackers broke into the retailer’s network using login credentials stolen from a heating, ventilation and air conditioning company that does work for Target at a number of locations. This company called Fazio had access rights to Target’s network for carrying out tasks like remotely monitoring energy consumption and temperatures at various stores. The attackers leveraged the access provided by the Fazio credentials to move around undetected on Target’s network and upload malware programs on the company’s point of sale systems. The hackers first tested the date-stealing malware on a small number of cash registers. After they noticed it worked and it went through they uploaded it to majority of Target’s POS systems. During November 27th to December 15th 2013, the attackers used the malware to steal data on about 40 million debit and credit cards, 70 million addresses, phone numbers, and other pieces of personal information. This is one of the busiest times of the year with two major holidays and so many people are shopping …show more content…
Target had a team of security specialist in Bangalore to monitor its computers 24/7. Now the security operation center was located in Minneapolis. On November 30th Fire eye spotted the hackers. Bangalore got an alert and the Minneapolis team was flagged but nothing happened. Minneapolis did not take action on the alarms. Our group feels if an alert is generated that there's an intrusion, it shouldn't have been handled by email or a ticketing system. It should have resulted in a phone call to the on-call person, if necessary and a conference bridge until the event was diagnosed and acted upon. If it was acted up on immediately it could have been avoided or less amount of confidential information would have not been