In 2013, Target was the victim of a famous hacking incident. This month, we’re going to dive into what happened, why it happened, and what we learned from the incident. First, what exactly happened?
Hackers gained access to Target’s servers via a third-party HVAC contractor, Fazio Mechanical Services. The perpetrators stole credentials from FMS and proceeded to access Target’s payment systems (to which the HVAC company had open access). The hackers, with full access to Target’s systems, installed malware on a small number of point-of-sale machines in Target stores. After testing that the malware successfully harvested credit card information and personal data from the registers, the hackers pushed the malware to the vast majority of Target’s registers. All of this occurred between November 27th and December 13th, covering Black Friday and a large portion of the holiday shopping season.
Hackers walked away with 40 million credit card numbers and the personal information of 70 million customers, right at the holidays.
When the stolen information was traced, a portion had reportedly been sent to a location in Russia, but most of it was stored on other compromised systems. Portions of the data were found on servers belonging to businesses in Miami and Brazil. Often, the owners of these “drop locations” aren’t even aware that their systems are being used by hackers. (We call these systems “zombies.”)
The incident cost Target over $200 million, not to mention the cost to consumers who lost data. But what exactly did Target do wrong? Next week, we’ll talk about it. See you then.