Target announced back in February the retail company was planning to install new anti-fraud technology in the wake of a massive data theft that affected tens of millions of customers. But Businessweek reported Thursday all of the trouble could've been avoided.
"Hackers began capturing credit card data Nov. 27. Three days later, a sophisticated security tool made by FireEye spotted the malware."
Target reportedly spent $1.6 million on FireEye, which is used by the Pentagon and the CIA, then hired security personnel in Bangalore, India to monitor the software.
Businessweek says the specialists sent the alert to Target's security operations center in Minnesota. Then, nothing. "Target stood by as 40 million credit card numbers-and 70 million addresses, phone numbers, and other pieces of personal information-gushed out of its mainframes."
Bloomberg Businessweek editor Josh Tyrangiel told CBS many have speculated that the software was too complicated or too new for Target to respond effectively, but added the paper's investigation also revealed something peculiar.
"Not only did it ignore its own alerts, there's an automated system within FireEye that could've detected and eradicated the malware, the bad software. That feature had been turned off on the system."
According to Mashable, the report contradicts what Target has previously said about the breach. "In a Congressional testimony, the company claims that it only learned of the attack in mid-December, after the U.S. Department of Justice caught it and contacted Target. However, Businessweek cites computer logs that show there were FireEye alerts from Nov. 30 and then Dec. 2, when a second attack occurred. "
Businessweek also reported on a similar misfortune with Neiman Marcus' data breach. The high-end retailer reportedly missed 60,000 security alerts after malware began stealing user information from their stores. (Via Flickr / rocor)
Gizmodo reported the hackers gave the malicious software a name similar to Neiman Marcus' official payment software "making it tough to distinguish suspicious activity from false positives." What's more: the system set to automatically block harmful software was also turned off.
CNET received a statement from Target regarding the Businessweek story. The statement reads in part, "With the benefit of hindsight, we are investigating whether, if different judgments had been made the outcome may have been different. Our investigation is ongoing and we are committed to making further investments in our people, processes and technology with the goal of reinforcing security for our guests."
- Latest mortgage news: 30-year rate hits pause — but still near 13-y…
- 5 ways a personal loan could help you save money
- Latest mortgage rates: Refinancing clock is ticking as rates rise
- Can You Refinance With $0 Out of Pocket?
- Need Cash? Take Money Out of Your Home
- Smart Ways To Pay for a Home Renovation
- Brighten up your day with these refreshing iced tea recipes
- ‘Unforgettable’ footage of mother-son dance goes viral across social m…
- These are the 12 absolute best Memorial Day deals you don’t want to mi…
- Forget the 30yr mortgage if you owe less than $822K (Do this instea…
- How to pay off your house ASAP (So simple it's unbelievable)
- Refinance Rates Remain Historically Cheap
- Today's Top Mortgage Rates in Your Area
- Reach Your Financial Goals and Help Your Money Grow with these Top Inv…
- Drowning in Credit Card Debt? Consider a Debt Consolidation Loan!