In December word broke that Target was the subject of a massive security breach. Personal information of more than 70 million of Target’s customers went into hackers’ hands. The retailer has tried to offer an olive branch and has been on damage control mode ever since. A new report claims that Target’s sophisticated security system had actually detected the attack. All warnings went ignored.

Contrary to the belief that Target’s security was not up to the market, the report claims that FireEye malware software was installed six months prior to the attack. When hackers uploaded their malicious code, it is said that FireEye set off the alarm bells. This according to a person who has “consulted” on Target’s investigation of the hack. FireEye had even collected details about the hack. Details such as addresses where the stolen data was going. Hackers kept uploading modified versions of the hardware. While the software apparently kept sending out warnings. It may even have marked them as most urgent on FireEye’s graded scale.

The report doesn’t make any claims about why Target didn’t kill the malware if it had already been detected by its state of the art security system. There is the possibility that a vacant position in the department might have resulted in the warnings being overlooked, but that would be too much of a coincidence. As a result of this rumored negligence, Target’s system remained compromised for almost two weeks. It was only when the retailer received alerts from federal authorities that it actually plugged the hole.

Filed in General. Read more about hacking and target. Source: businessweek

User Comments