Here’s How Hackers Stole 110 Million Americans’ Data From Target

It appears to be among the biggest phishing catches of all time.

cybersecurity - hacker with credit card and black mask
National Journal
Dustin Volz
Add to Briefcase
Dustin Volz
Feb. 12, 2014, 10:02 a.m.

More than 110 mil­lion Tar­get cus­tom­ers had their cred­it-card in­form­a­tion stolen be­cause at least one em­ploy­ee of a heat­ing and air-con­di­tion­ing con­tract­or suc­cumbed to an email phish­ing scheme, cy­ber­se­cur­ity blog­ger Bri­an Krebs re­por­ted Wed­nes­day.

The rev­el­a­tion, if true, is the strongest in­dic­a­tion yet of what went wrong since Krebs first ex­posed the massive heist of con­sumer fin­an­cial data at the na­tion­al re­tail gi­ant late last year, a start­ling cy­ber­at­tack that has promp­ted in­tense con­gres­sion­al in­quiry. Nei­man Mar­cus and oth­er chains have also re­cently been vic­tim­ized, though it is not be­lieved that the per­pet­rat­ors are the same.

Last week, Krebs re­por­ted that hack­ers in­filt­rated Tar­get’s net­work by swip­ing the lo­gin cre­den­tials of Fazio Mech­an­ic­al Ser­vices, a Pennsylvania-based con­tract­or.

Now, an­onym­ous sources tell Krebs that cre­den­tials “were stolen in an email mal­ware at­tack at Fazio that began at least two months be­fore thieves star­ted steal­ing card data from thou­sands of Tar­get cash re­gisters.” It ap­pears that the cul­prits used a pass­word-steal­ing bot known as Cit­adel to get the job done.

Fazio, in re­sponse to its sud­den no­tori­ety last week, sent out a state­ment ex­plain­ing that it had been “the vic­tim of a soph­ist­ic­ated cy­ber­at­tack op­er­a­tion.” But Krebs notes that the com­pany’s de­fense against ma­li­cious at­tacks was a free ver­sion of a some­what im­pot­ent anti-mal­ware pro­gram, which “is made ex­pli­citly for in­di­vidu­al users and its li­cense pro­hib­its cor­por­ate use.”

Mem­bers of Con­gress are call­ing for a bill to cre­ate a na­tion­al re­port­ing stand­ard for data breaches sim­il­ar to the one that hit Tar­get. Re­tail­ers and fin­an­cial in­sti­tu­tions would be re­quired to no­ti­fy gov­ern­ment and con­sumers of breaches when they oc­cur.

The new rev­el­a­tions ar­rive on a day when the White House rolled out a set of vol­un­tary guidelines in­ten­ded to help busi­nesses de­fend them­selves against hack­ers.

What We're Following See More »
DOCUMENTS OBTAINED BY U.S. INTEL
Putin-Linked Think Tank Developed Plan to Influence U.S. Election
3 days ago
THE LATEST

A Russian government think tank run by Putin loyalists "developed a plan to swing the 2016 U.S. presidential election to Donald Trump and undermine voters’ faith in the American electoral system." Two confidential documents from the Putin-backed Institute for Strategic Studies, obtained by U.S. intelligence, provide "the framework and rationale for what U.S. intelligence agencies have concluded was an intensive effort by Russia to interfere with the Nov. 8 election."

Source:
HELPED WIN FISA APPROVAL
FBI Relied on Dossier Allegations to Monitor Page
4 days ago
THE LATEST

"The FBI last year used a dossier of allegations of Russian ties to Donald Trump's campaign as part of the justification" to monitor Carter Page, who was then a defense adviser to the Trump campaign. "The dossier has also been cited by FBI Director James Comey in some of his briefings to members of Congress in recent weeks."

Source:
AIR FORCE SCRAMBLES JETS IN RESPONSE
Russian Bombers Fly Near Alaska
5 days ago
WHY WE CARE
A MESSAGE TO RUSSIA?
Pentagon Deploying F-35s to Europe
1 weeks ago
THE LATEST

"The Air Force is set to deploy its high-tech, fifth-generation F-35A fighter jets to Europe this weekend as part of an effort to assure U.S. allies there who are worried about Russian aggression." The new, state-of-the-art fighters will train with European air units. "The Pentagon noted that the deployment had been long planned, meaning it was not a reaction to recent increasing tensions between the United States and Russia," although a statement noted the move is part of the "European Reassurance Initiative," which began three years ago when Russia annexed Crimea.

Source:
NOT ON SCHEDULE
Tillerson Meets Putin
1 weeks ago
BREAKING
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login