Target Credit Card Fraudulence

The Target Corporation has undergone many changes due to the 2013 security breach where hackers stole personal information from credit and debit cards of at least 70 million customers. Target sales and reputation has dropped from this instance, thus eliciting changes in their security systems, changes in management, and a few policy changes in handling customer information. With the public eye on the corporation’s handling of the situation, Target has been communicating these changes through various means. The changes they needed to communicate were informing customers of the security breach, addressing the bad press coverage to shareholders, downsizing of employees, and

The Internet has vastly expanded the opportunities for identity theft. A particularly prevalent form of cyber theft is known as phishing. This occurs when cybercriminals use spam, e-mail, or other messages to trick people into submitting personal information. As phishing has become more sophisticated, criminals have developed ways to gain access to such data merely by having the user click on the link. Phishers often pool stolen information and sell it on the black market via online forums. Max Ray Vision ran one such site, CardMarkets.com. When Vision was arrested in 2007, computers in his home contained some 1.8 million stolen credit card and bank account numbers. This information allowed Vision and his associates to make more than $86 million in fraudulent purchases.

The Security breach that hit Target in 2014 was one of the worst ever. It exposed names, addresses, phone numbers, credit and debit cards information’s of 70 million customers. Target informed that all transactions and customers’ information between Nov.27 to Dec. 15 2014 were stolen on the attack by hackers. This attack affect millions and the giant store as well losing money when their sales declined to 2.5 percent. Target had to email all affected customers and help all of them with their own credit monitoring by offering free credit monitoring and identity theft protection and also make them no liable to any fraudulent purchase after the breach. It was a big deal and it was all over the news. Two suggestions I would give is one, add a protocol

Even though Target is ranked currently 36 in the fortune 500 companies and have over 1750 stores, they are still very susceptible to being a victim of a cyber attack. In 2013 Target fell victim to a security breach on their system. Roughly around Thanksgiving of 2013 someone had installed malware in Target’s security and payment system enabling the hackers to steal credit card and personal information. “Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon.” (BloombergBusiness) In place was a very effective security system, but when the attacked happen on November 30, FireEye spotted the hackers and Bangalore, a third party cyber security company hired by Target alerted the IT team at corporate office in Minneapolis. There was no response from Target’s Corporate IT team and therefore led to the 40 million credit card numbers and 70 million addresses, phone numbers

In 2013, Target Corp., the company that prides itself on offering quality, upscale, and trendy merchandise at lower costs, had anticipated a historic year. However, after purchasing Canadian retailer Zellers’ 273 locations and finally executing plans to expand outside the United States, both company and stockholder optimism vanished. In late 2013, news of a massive data breach affecting nearly 110 million consumers turned out devastatingly bad numbers in the fourth quarter—some experts even calling it the second largest retail cyber-attack in history.

In December 2013, Target was attacked by a cyber-attack due to a data breach. Target is a widely known retailer that has millions of consumers flocking every day to the retailer to partake in the stores wonders. The Target Data Breach is now known as the largest data breach/attack surpassing the TJX data breach in 2007. “The second-biggest attack struck TJX Companies, the parent company of TJMaxx and Marshall’s, which said in 2007 that about 45 million credit cards and debit cards had been compromised.” (Timberg, Yang, & Tsukayama, 2013) The data breach occurred to Target was a strong swift kick to the guts to not only the retailer/corporation, but to employees and consumers. The December 2013 data breach, exposed Target in a way that many

The Target data breach remains one of the most notable breaches in history, it was the first time a CEO of a major corporation was fired due to a security event. The breach received an enormous amount of attention, it caused corporations and individuals to change the way they think about information security and data protection. Between Thanksgiving and Christmas 2013 hackers gained access to 40 million customer credit cards and personal data of 70 million Target customers. The intruders slipped in by using stolen credentials and from there gained access to vulnerable servers on Targets network to launch their attack and steal sensitive customer data from the POS cash registers. All this occurred without a response from Targets security operations center, even though security systems notified them of suspicious activity. The data was then sold on the black market for an estimated $53 million dollars. However, the cost to Target, creditors, and banks exceeded half of a billion dollars. This report will review how the infiltration occurred, what allowed the breach to occur including Targets response, and finally who was impacted by the security event.

The personal questions that make is easy for hackers to do their job adequately are questions like, what is your social security number or birthdate? Many people will put their trust in certain sites, but in actuality no one is safe. While online, it is all about being “nonanonymous” (Christian 95). It gets grueling after a while when we have to prove ourselves and companies never really know if the individual they are talking to is the person they say to be. In this case, computer users are constantly trying to authenticate themselves, because no one knows exactly who the other person is. This is due to the expansion in modern technology. In contrary to this, when there was a lack of computer technology, people communicated with one another in the flesh. There was no need to steal money from one another or invade someones personal privacy. Computer modernization is a sign that we may not be safe online anymore and it is taking away our identity online. There are various people out there up to no good that want to steal our identity, which in turn leads to those same individuals hacking into personal accounts and credit cards. This increase in technology has only made it harder for us to trust the diverse sites, but it has also made it a lot easier for people to get the information they need through search engines without someone questioning them.

Even though Target is ranked currently 36 in the fortune 500 companies and have over 1750 stores, they are still very susceptible to being a victim of a cyber attack. In 2013, Target fell victim to a security breach on their system. Roughly around Thanksgiving of 2013, someone had installed malware in Target’s security and payment system enabling the hackers to steal credit card and personal information. “Six months earlier the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon.” (BloombergBusiness) In place was a very effective security system. However, when the attacked happen on November 30, FireEye spotted the hackers and Bangalore (a third party cyber security company hired by Target) that alerted the IT team at corporate office in Minneapolis. There was no response from Target’s Corporate IT team and therefore led to 40 million credit card numbers and 70 million addresses, phone numbers and other personal

Target Corporation acknowledged a breach in their systems just as the 2013 holiday season was in full swing. The hacker have taken the information of nearly 40 million credit and debit cards from shoppers who shopped in its stores over the initial three weeks of the holiday season. This is the second biggest penetration of its kind announced by a United States retailer, of which Target is the third largest retailer. Apparently, the hackers worked quite speedily with the operation lasting from the day before Thanksgiving to Sunday December 15, 2013. These nineteen days are part of the large kickoff to the Christmas sales season. Target is said to be working with federal law enforcement and other experts to avert comparable future attacks. The company has not and does not seem to have an intention of revealing exactly how the system was compromised. It is known, however, that the company did not find the attack alone.

There are many ways to help prevent breaches such as the Home Depot and the similar Target breach. Most retailers these days have multiple locations possibly in two or more countries like The Home Depot. Because of this the retailers need to know exactly where the business of the organization is being conducted. These organizations need to take the extra steps and know where the customer data is at all times especially payment information. They need to keep track of how it is being accessed and how it is being secured. Tom Bain, who is a senior vice president at a company called Security CounterTack, says “Retailers need to get a better grasp on who is being granted access to their networks and why” (Vijayan). Home Depot failed to do this on a daily basis and this is why the breach was so extensive. People do not know the reason as to why the company did not check these daily logs for payment information but this is the reason that they had such a big breach on their payment systems.

On November 27, 2012, 40 million credit and debit card numbers were stolen from U.S. Target stores. The public was not informed about the data breach until December 18, 2012. Target’s spokesperson, Molly Snyder, specified that only the credit and debit card numbers were stolen along with the expiration date of the cards. Furthermore, Snyder mentioned that social security number and birthdays were not accessed during the breach. During this time Target’s sales fell 4 percent and target offered their customers 10 percent discount on in-store items to get them to shop at Target. On January 10, 2013, additional 70 million customers had their personal information like phone numbers and emails stolen. Target then fired 475 employees. In April target

On April 17, 2016 60 Minutes aired the interview of Sharyn Alfonsi with John Hering,co founder of Lookout. He explained how easy it is for a person to be hacked. Specifically he claimed that “ In today's world there's really only-- two types of companies or two types of people which are those who have been hacked and realize it and those who have been hacked and haven't.” As Hering said that statement, it was implied that every person has been hacked. Albeit the scale of how a person has been hacked differs from spamming advertisements to stealing credit card information. Although some people believe that it’s impossible to hack anyone, Hering demonstrates to Alfonsi how easy it is. Although Alfonsi at first didn’t believe Hering could hack

(Srinivasan et al., 2016). However, the company didn’t close its stores because of avoiding disruption in sales (Srinivasan et al., 2016). From the reading, it is not clear whether keeping the store open to avoid disruption in operations, while the remnant of the malware existed in the POS systems, made the breach’s impact worse. However, the company could have closed the stores to provide the customers confidence in that the company was serious in dealing with and investigating the breach. 2.2.2 - Examples of Customers’ Hardship Post-Breach - One week after contacted by the DOJ about the attack, on December 19, while Target posted a press release in that it was aware of unauthorized access to payment card data and putting all measures and resources regarding the incident (Srinivasan et al., 2016), Target’s response to alleviate the negative impacts from the breach came dismal.

Today, we live in a technologically based world in which almost everything we do is done through computer-based technology. Communication, marketing, and even transactions are all done through technology. The danger of having all of your information online is that once something is on the internet, it is permanent. Whether it be your home address, phone number, or simply pictures of you and your family, you can never really remove anything. This can be both positive and negative. Negative because if your information slips into the wrong hands you can get into trouble. And this can be positive because with all kinds of people around the world posting information on the internet, it brings everyone a little closer together, making it easier to connect with people from all over the globe. One negative effect of the internet making the world a smaller place was Target’s data breach a few years back. In mid-December of 2013, Target experienced a crisis when criminals had forced their way into Target’s system, gaining access to many guests credit and debit card information. As the investigation continued, it was later determined that certain guest information, such as names, mailing addresses, email addresses and phone numbers were taken as well. Target has built its reputation of customer satisfaction over the years by providing excellent service to customers and having better discounts than their competitors,