How did the Target data breach happen?

US retailer Target has been criticised after the personal information of millions of users was compromised by hackers who stole card details by getting malware on to the checkout systems in nearly 1,800 Target stores in the US.

Chief Financial Officer John Mulligan testified at the Senate Judiciary Committee hearing on Tuesday and said his company was “deeply sorry” for the breach.

Jody Brazil, CTO and Founder at security firm FireMon offers his explanation on why the Target breach occurred.

“The Target breach happened due to a third party, and it would appear that this attack could therefore, be wholly preventable. Target chose to allow a third party access to its network, but failed to properly secure that access. Even if Target had a valid reason for giving the third party access, the retailer should have segmented its network to ensure that they had no access to its payment systems,” he said.

“Several mature processes and practices currently exist for securing third party access to enterprise networks, even the Payment Card Industry Data Security Standard, which companies like Target are required to follow, specifies network segmentation as a way to protect sensitive cardholder data.

“It was Target‘s responsibility to ensure that those practices were followed, but the fact that attackers were apparently able to leverage third party access to reach Target‘s payment systems suggests those practices were improperly implemented. Brazil said the only really sophisticated component of the attack appears to have been the malware used to intercept and steal payment card data from Target‘s POS systems.”

He added: “But the attackers would have been unable to install the malware if Target had employed proper network segmentation practices in the first place.”


Please enter your comment!
Please enter your name here