Flaws In Target's Security System

In 2013, target corporation experienced a serious data breach where its security, as well as the payment system,was breached. The security breach was so intense in which case; it compromised over 40 million credit as well as debit card numbers. Furthermore, 70 million phone numbers, addresses, and other personal information was affected(Krebs, 2014).The attack was made without the knowledge of Target Corp. until mid-December when the department of defense notified the company that its system was being attacked. One problem that came out clear, in this case, was the fact that Target Corp. had been notified of the attack

Another stakeholder within the Target Corporation is its shareholders. They, too, have been affected by the security breach, in that the press coverage

The Home Depot and Target have been one of the many retail establishments cyber attack breaches that have being targeted by cyber attackers. The Home Depot was the target of a cyberattack payment card system breach where their credit card information was basically stolen on September of 2014. The attacked occurred by attackers gaining third party credentials in order to gain access to the system, after they gained access to the system they weakened the system gaining their own access privileges. After doing all the mentioned above, malware was installed quickly on Home Depot’s self-check-out system. All these steps where taking by the cyber attackers resulting in the loss of more than fifty million credit card accounts and email addresses.

During the last Christmas season, Target announced that their data security was breached. According to David Lazarus in Los Angeles Times, Target stated that roughly 110 million customers’ information was illegally taken from their database. The information included their credit/debit card info, phone numbers, and email addresses. Target is one of the most popular grocery stores in the U.S.; they have a substantial amount of consumers. Because of this incident, consumers' trusts for the store have been decreasing. Worrying about losing its customers, the company offered a free year of credit monitoring and identity-theft protection, so the customers will feel more secure. Not only Target, some other large retailers also faced the same issues. They want their customers to trust that the companies can protect private data. However, should we not worry? Data breaches have been going on for about a decade, but we have not seriously thought about the issue. In order to protect people’s privacy, the federal government should make new laws concerning companies’ handling of customer information.

Even though Target is ranked currently 36 in the fortune 500 companies and have over 1750 stores, they are still very susceptible to being a victim of a cyber attack. In 2013 Target fell victim to a security breach on their system. Roughly around Thanksgiving of 2013 someone had installed malware in Target’s security and payment system enabling the hackers to steal credit card and personal information. “Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon.” (BloombergBusiness) In place was a very effective security system, but when the attacked happen on November 30, FireEye spotted the hackers and Bangalore, a third party cyber security company hired by Target alerted the IT team at corporate office in Minneapolis. There was no response from Target’s Corporate IT team and therefore led to the 40 million credit card numbers and 70 million addresses, phone numbers

Target Corporation enhance its information warehouses with latest big data that is technologically sophisticated to crunch large data using complex algorithms and provide vital output data for a daily operation as well as strengthen its capabilities over its rival which is a competitive advantage and speed up worker productivity. A quality tracking tool provided by information system tracks each package, parts ensuring the goods meet the quality standard.

Target CEO Brian Cornell states: “the situation is unacceptable and appointed veteran executive John Mulligan to find a fix” (SCDIgest Editoral Staff). Mulligan,

In 2013, Target Corp., the company that prides itself on offering quality, upscale, and trendy merchandise at lower costs, had anticipated a historic year. However, after purchasing Canadian retailer Zellers’ 273 locations and finally executing plans to expand outside the United States, both company and stockholder optimism vanished. In late 2013, news of a massive data breach affecting nearly 110 million consumers turned out devastatingly bad numbers in the fourth quarter—some experts even calling it the second largest retail cyber-attack in history.

Target and its larger grocery-carrying incarnation, SuperTarget, have carved out a niche by offering more upscale, fashion-forward merchandise than rivals Wal-Mart and Kmart (Target, 2014). Target has had its share of problems in the past, one of the most infamous being the credit card breach in late 2013. Target informed the public that at least 40 million of its customer’s debit and credit card information had been hacked. In spite of the security breach Target is well known philanthropic actives.

Target a large retail corporation that operates over 1,700 stores across the United States. They also operate as an online retailer at target.com. In 2012 the retailer earned more than $73 billion dollars in revenue and grew their sales by 5.1% from the previous year. Looking at the revenue and sales growth rate it is hard to fathom that more money could not be spent to ensure that consumer data is protected as much as possible. As information security specialists one of the worst things that can happen is our network gets infiltrated and customer information is stolen. On December 19, 2013 Target released a statement stating that they have had an information

One of the largest issues with this data breach is, just six months prior, Target had installed “a $1.6 million malware detection tool made by the computer security firm FireEye (FEYE), whose customers also include the CIA and the Pentagon” (Riley, Elgin, Lawrence, & Matlack, 2014). The problem was not the software, it was a lack of reaction by Target’s security team located in Minneapolis. Once the credit card and personal information was stored, the hackers moved the information to various locations throughout the U.S. before sending the data to their computers in Russia. On December 12, 2013, Federal investigators notified Target of a massive data breach; and on December 15, 2013, Target confirmed and eradicated the malware, after all of the credit card and personal information had been stolen.

In December 2013, Target was attacked by a cyber-attack due to a data breach. Target is a widely known retailer that has millions of consumers flocking every day to the retailer to partake in the stores wonders. The Target Data Breach is now known as the largest data breach/attack surpassing the TJX data breach in 2007. “The second-biggest attack struck TJX Companies, the parent company of TJMaxx and Marshall’s, which said in 2007 that about 45 million credit cards and debit cards had been compromised.” (Timberg, Yang, & Tsukayama, 2013) The data breach occurred to Target was a strong swift kick to the guts to not only the retailer/corporation, but to employees and consumers. The December 2013 data breach, exposed Target in a way that many

Target has not disclosed much detail around the breach due to liability and legal issues but some information is available due to a leaked internal corporate report. The report included information by Verizon which was hired by Target to probe its networks for weaknesses days after the breach was

Even though Target is ranked currently 36 in the fortune 500 companies and have over 1750 stores, they are still very susceptible to being a victim of a cyber attack. In 2013, Target fell victim to a security breach on their system. Roughly around Thanksgiving of 2013, someone had installed malware in Target’s security and payment system enabling the hackers to steal credit card and personal information. “Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon.” (BloombergBusiness) In place was a very effective security system. However, when the attacked happen on November 30, FireEye spotted the hackers and Bangalore (a third party cyber security company hired by Target) that alerted the IT team at corporate office in Minneapolis. There was no response from Target’s Corporate IT team and therefore led to 40 million credit card numbers and 70 million addresses, phone numbers and other personal

After reading the article about the Target data security breach and how Target handled the PR, I agree with the author’s stance on how bad Target handled the PR of the data security breach. Target didn’t tell anyone about the data security breach even though they knew, instead someone else broke the story. Target did the opposite of the five principles of crisis communication, Target knew about the issue but wasn’t prepared to go public with it or communicate the issue with the press and other constituencies, and be honest to the public about what is going on. Instead, somebody else had to break the news. Also, Target wasn’t clear what it was doing to remedy the issue and didn’t mean it instead Target states the typical speech every company makes “we are taking this issue seriously”.