nb_cid nb_clickOther -tt-nb this.style.behavior='url(#default#homepage)';this.setHomePage('http://www.aol.com/?mtmhp=acm50ieupgradebanner_112313 network-banner-empty upgradeBanner
AOL Mail
AOL Mail
AOL Favorites

Target data hack linked to Pennsylvania HVAC company

Customers crowd the entrance to a Target store

NEW YORK (AP) - A western Pennsylvania heating and refrigeration contractor that services Target retail stores said it was the victim of a "sophisticated cyberattack operation" that may have allowed hackers to infiltrate Target's computer systems and steal millions of debit and credit card numbers.

Fazio Mechanical Services Inc., of Sharpsburg, Pa., issued the statement after Internet security bloggers identified it as the third-party vendor through which hackers accessed Target's computer systems. Target has said it believes hackers initially gained access to its vast computer network through one of its vendors. Once inside, the hackers moved through the retailer's network and eventually installed malicious software into the company's point-of-sale system.

The series of hacks, experts believe, gave thieves access to some 40 million debit and credit card numbers, along with the personal information of another 70 million people.

U.S. Secret Service spokesman Brian Leary confirmed that Fazio's business is being investigated, but wouldn't provide details.

Molly Snyder, spokeswoman for Minneapolis-based Target, declined comment citing the ongoing investigation.

Federal prosecutors in Pittsburgh referred calls to their counterparts in Minnesota, where Assistant U.S. Attorney Steve Schleicher, acting criminal division chief, declined comment on the Fazio link, in particular, and the overall investigation.

"Like Target, we are a victim of a sophisticated cyberattack operation," Ross Fazio, the company's president and owner, said in a statement. Fazio's company is cooperating with the Secret Service and Target to identify the possible cause of the breach, he said.

Fazio Mechanical Services also denied reports on blogs and other outlets that said the company remotely monitored heating, cooling and refrigeration for Target, which has about 1,800 stores nationwide.

Fazio's statement explained that his company has an electronic connection with Target, which it uses to submit bills and contract proposals.

Target has said hackers breached its systems during the holiday shopping season and stole about 40 million debit and credit card numbers and the personal information, including names, email addresses, phone numbers and home addresses of as many as 70 million customers.

Banks, credit unions and other entities that issued debit and credit cards have had to cancel and reissue cards, close transactions or accounts, and refund or credit card holders for transactions made with the stolen data.

Target has said its customers won't be responsible for any losses.

More From You

*0 / 3000 Character Maximum
Filter by:
WILLS February 08 2014 at 1:15 PM

The Target mess was likely a piece of "back door" work where someone had "maintenance" acces to the company's computor system. Now that they know where the physical entry came from (Fazio) those investigating will be looking at employees and their backgrounds. Anyone that has any link to the software developer or hardware provider is going to be top on the "put under the glass" list. It's probably someone who already quit and has left the country. However, if they do catch them (there has to be many) the Fed's should proecute to the hilt. What we need is a new "Devils Island" maybe down in the gator infested swamp in Louisiana and good old boys for guards.

Reply Flag as Abusive +1 rate up rate down
louferrig February 08 2014 at 12:11 PM

We should bring the culprits to justice AND put their names and pictures on every source of news media (tv, websites, tweeter, Facebook, etc) so others know that if they try this themselves, media scrutiny is part of the punishment.

Reply Flag as Abusive rate up rate down
kingsway February 08 2014 at 12:09 PM

Very nice of TARGET stores..

Reply Flag as Abusive -1 rate up rate down
skitzlpk February 08 2014 at 10:26 AM

To me the issue is networking. All financial data entrusted to major corporations shouldn't be linked to Joe Blow's HVAC company or vendors with suspect security systems. That information should be on a closed system with minimum access by only those with prioritized entry & easily recovered IP coding. The internet becomes it's own worst enemy when it's backdoor is so easily defeated.

Reply Flag as Abusive +2 rate up rate down
endmillll February 08 2014 at 10:06 AM

All this technology and there still not fixing it,, why hasnt anyone called bill gates in he might help.

Reply Flag as Abusive rate up rate down
josdon February 08 2014 at 9:46 AM

If, or when, this type fraud costs banks more than the amount they have decided they will tolerate, the problem will be fixed and thefraudsters will be caught.
The very profitable industry that contracts with the banks to secure the system, certainly do not mind that fraud is occurring. Without fraud there would be no industry; With a highly secure system there would be no industry.
If fire departments were for profit enterprises, there would be more fires.

Reply Flag as Abusive +2 rate up rate down
steves1709 February 08 2014 at 9:36 AM

Windows and most operating systems were NOT made to be secure. They were made to be produced quickly and cheaply. It's pathetic, really. Guess what? If YOU can access your data via internet, so can hackers and scammers. Get used to it.

Reply Flag as Abusive +5 rate up rate down
jgesselberty February 08 2014 at 9:18 AM

As our world becomes more and more linked and intertwined on the internet, this will be a very common occurrence and major threat. I can adjust my furnace settings remotely. Do you think that major companies don't have the same capabilities? And, much, much more? And, the more remote access you have, the more vulnerable you become. Tell Al, the internet is broken and he needs to fix it.

Reply Flag as Abusive rate up rate down
Sherry February 08 2014 at 9:01 AM

Two years ago I was the victim of cc fraud. However, my cc company thought it looked suspicious and notified me. After speaking with a person in their security dept. they immediately closed that account and issued me a new card, which arrived within 4 days. ( Someone had decided they needed almost $300 worth of itunes. ) The charges were immediately removed from my card until and investigation was done. After the investigation they sent a letter to let me know the outcome. I also recieved an apology. They removed any and all charges related to the itunes incident. This past summer the security system at my bank caught a fraudulent charge before it went through and I was notified of it. Because it was an international charge (Australia) that was trying to be made the security system kicked it out. They closed my debit card and issued a new one. My pay check had just been automatically deposited the day before I got the call. Thank goodness my bank has a security system that will kick out a bad charge until you are asked whether or not you made the charge. I recieved a written apology as well as a verbal one. In my opinion they did not owe me an apology since their system caught the charge before it could go through. I believe if you use your credit or debit card at any retailer, just as soon as the cc or bank issues payment for the charge, the retailer should remove any info they have on you from their system. It might cost them money to do this, but maybe we would all be a little safer.

Reply Flag as Abusive +6 rate up rate down
1 reply to Sherry's comment
steves1709 February 08 2014 at 9:32 AM

We all know that debit cards are less secure than, and we are more protected by, credit cards. It looks like you found a good company to deal with.

Reply Flag as Abusive +5 rate up rate down
Steve February 08 2014 at 8:27 AM

I believe a person or a group of persons, in some very high positions, were involved some how.

Reply Flag as Abusive rate up rate down
2 replies to Steve's comment
f4180 February 08 2014 at 9:31 AM

Do you think the trail leads to the whitehouse or the kremlin ?

Reply Flag as Abusive -2 rate up rate down
1 reply to f4180's comment
cranepilot1 February 08 2014 at 10:17 AM

Maybe a business competitor???

Flag as Abusive rate up rate down
Mary February 08 2014 at 1:39 PM

oh please this has been happing for years. Back in 60's my card was charged with a charge form a different state. . Its all happening in Africa. watch those shoes on friday nights dateline and 20/20 the do shows on this all the time. Really you people think it Obama? my God get a life . People have been stealing cc information since they were issued.

Reply Flag as Abusive rate up rate down
~~ 2592000


More From Our Partners