Menu
Mat Franco won America's Got Talent

Mat Franco won America's Got Talent

SpaceX and Boeing build manned NASA Spaceships

SpaceX and Boeing build manned NASA Spaceships

Matt Damon is Jason Bourne Again

Matt Damon is Jason Bourne Again

Galaxy Note 4 Screen is the World's Best

Galaxy Note 4 Screen is the World's Best

iPhone 6 Reviews are Glowing

iPhone 6 Reviews are Glowing

Researchers Report Exact Timeline Of Massive Target Data Breach

Jan 17 2014, 9:41am CST | by , in News

Researchers Report Exact Timeline Of Massive Target Data Breach
Photo Credit: Forbes
 
 

Following yesterday’s title="krebs on target malware">identification by Brian Krebs of the exact malware used in last year’s Target personal data breach, the research lab at Seculert analyzed a sample of the malware and describes the attack as having two distinct stages, a characteristic of what it terms an “advanced threat.” Critically, the malware infected Target’s POS terminals where it “scraped” credit card numbers and other personal data undetected for six days before beginning to transmit that data to an external FTP server through an additional infected computer somewhere on Target’s network.

Seculert’s analysis revealed the following timeline:

On December 2, the malware began transmitting payloads of stolen data to a FTP server of what appears to be a hijacked website. These transmissions occurred several times a day over a 2 week period. Also on December 2, the cyber criminals behind the attack used a virtual private server (VPS) located in Russia to download the stolen data from the FTP. They continued to download the data over 2 weeks for a total of 11 GBS of stolen sensitive customer information.

The security company also comes to the conclusion that “publicly available access logs indicates that Target was the only retailer affected. So far there is no indication of any relationship to the Neiman Marcus attack.”

It’s good to know that the attacks on the two retailers are not related, I suppose, but more troubling is a report by Forbes staffer Clare O’Connor this morning about how the data that was stolen dates back a decade! This would indicate that along with scraping data from the magnetic strips on customers’ cards at checkout, the criminals were also plundering Target’s “backlist.” That a record of the towels O’Connor bought a decade ago at Target is still in active duty on the company’s servers is yet another example of how big-data-obsessed companies are perhaps holding on to too much for too long.

Most important, the breach that O’Connor discovered through actually reading her mail from Target (something many customers skimmed over or ignored) points to a much larger security problem than has been publicly disclosed. We haven’t heard the last of this one!

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter and App.net or add me on Google+.

Source: Forbes

You Might Also Like

Updates

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Target Black Friday
Target Black Friday
Target might not be the first name that you think of when it comes to Black Friday, but there is no reason to think that you might not have great saving opportunities there. They remain a top retailer in the country,...
 
 
Aziz Ansari Impression by former SNL Star Nasim Pedrad is Hilarious
Aziz Ansari Impression by former SNL Star Nasim Pedrad is Hilarious
Former SNL star Nasim Pedrad revealed unaired SNL sketch where she does a very funny impression of comedian Aziz Ansari.
 
 
Microsoft Universal Mobile Keyboard Announced
Microsoft Universal Mobile Keyboard Announced
The keyboard Works With Any Smartphone Or Tablet
 
 
Mat Franco won America&#039;s Got Talent
Mat Franco won America's Got Talent
Who won the 9th season of America's Got Talent? Big surprise. It is the magician Mat Franco.
 
 
 

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.