Menu
Anna Kendrick is New Private Photo Leak

Anna Kendrick is New Victim in Private Photo Leak

GoPro Hero 4 records 4K Video at 30fps

GoPro Hero 4 records 4K Video at 30fps

Wrist Camera Drone Nixie is the Selfie Future

Wrist Camera Drone Nixie is the Selfie Future

[titl]

Behati Prinsloo is Naked in new Maroon 5 Video

Emily Ratajkowski Stuns on Cosmo Cover

Emily Ratajkowski Stuns on Cosmo Cover

Researchers Report Exact Timeline Of Massive Target Data Breach

Jan 17 2014, 9:41am CST | by , in News

Researchers Report Exact Timeline Of Massive Target Data Breach
Photo Credit: Forbes
 
 
Full Story

Researchers Report Exact Timeline Of Massive Target Data Breach

Following yesterday’s title="krebs on target malware">identification by Brian Krebs of the exact malware used in last year’s Target personal data breach, the research lab at Seculert analyzed a sample of the malware and describes the attack as having two distinct stages, a characteristic of what it terms an “advanced threat.” Critically, the malware infected Target’s POS terminals where it “scraped” credit card numbers and other personal data undetected for six days before beginning to transmit that data to an external FTP server through an additional infected computer somewhere on Target’s network.

Seculert’s analysis revealed the following timeline:

On December 2, the malware began transmitting payloads of stolen data to a FTP server of what appears to be a hijacked website. These transmissions occurred several times a day over a 2 week period. Also on December 2, the cyber criminals behind the attack used a virtual private server (VPS) located in Russia to download the stolen data from the FTP. They continued to download the data over 2 weeks for a total of 11 GBS of stolen sensitive customer information.

The security company also comes to the conclusion that “publicly available access logs indicates that Target was the only retailer affected. So far there is no indication of any relationship to the Neiman Marcus attack.”

It’s good to know that the attacks on the two retailers are not related, I suppose, but more troubling is a report by Forbes staffer Clare O’Connor this morning about how the data that was stolen dates back a decade! This would indicate that along with scraping data from the magnetic strips on customers’ cards at checkout, the criminals were also plundering Target’s “backlist.” That a record of the towels O’Connor bought a decade ago at Target is still in active duty on the company’s servers is yet another example of how big-data-obsessed companies are perhaps holding on to too much for too long.

Most important, the breach that O’Connor discovered through actually reading her mail from Target (something many customers skimmed over or ignored) points to a much larger security problem than has been publicly disclosed. We haven’t heard the last of this one!

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter and App.net or add me on Google+.

Source: Forbes

Updates

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Derrick Rose Confident Chicago Bulls Will Win NBA Title Soon
Derrick Rose Confident Chicago Bulls Will Win NBA Title Soon
Chicago Bulls star Derrick Rose, who is returning from an injury-riddled 2013-14 NBA season, said he is confident he and his teammates will win a title soon.
 
 
Bill Belichick Confident New England Patriots Will Play Better
Bill Belichick Confident New England Patriots Will Play Better
New England Patriots head coach Bill Belichick is confident his team will play better in their next games after they lost big to the Kansas City Chiefs, 41-14, on Sept. 29.
 
 
Windows 10 Unveiled
Windows 10 Unveiled
Microsoft just dropped a big bomb. The company announced Windows 10. Microsoft just killed the name Windows 9 for the next major Windows release.
 
 
Jerry Seinfeld revealed Season 5 Line-up for Comedians getting Coffee
Jerry Seinfeld revealed Season 5 Line-up for Comedians getting Coffee
Jerry Seinfeld dropped the names of comedians he will feature on season 5 in his fantastic web series Comedians in Cars Getting Coffee.