[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Target Hackers Tapped Vendor Credentials
From: InfoSec News <alerts () infosecnews ! org>
Date: 2014-01-31 8:47:19
Message-ID: alpine.DEB.2.02.1401310847090.4458 () infosecnews ! org
[Download RAW message or body]
http://www.informationweek.com/security/attacks-and-breaches/target-hackers-tapped-vendor-credentials/d/d-id/1113641?
By Mathew J. Schwartz
InformationWeek.com
1/30/2014
Target said Wednesday that the hackers who attacked the company employed
access credentials that were hardcoded into a product used by the
retailer.
"We can confirm that the ongoing forensic investigation has indicated that
the intruder stole a vendor's credentials which were used to access our
system," Target spokeswoman Molly Snyder said Thursday via email.
Target declined to identify the vendor whose credentials attackers had
obtained, though confirmed that the attack vector has been blocked. "As we
have previously shared, we confirmed the breach on December 15 and were
able to eliminate the malware and close the access," she said. "Since that
time we have taken extra precautions such as limiting or updating access
to some of our platforms while the investigation continues."
Target's attackers ultimately stole 40 million credit and debit cards
collected by the retailer's point-of-sale (POS) systems, set up a server
inside Target's network to collect that stolen data, then regularly sent
it in batches via FTP to a server in Russia. Attackers also stole personal
details pertaining to 70 million Target customers.
While Target declined to disclose further details from its investigation,
security journalist Brian Krebs reported Wednesday that Dell SecureWorks
this week released a private report to some of its clients, which suggests
that Target's attackers gained access to Performance Assurance for
Microsoft Servers, which is IT infrastructure management software sold by
BMC Software.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic