Actually Two Attacks In One, Target Breach Affected 70 to 110 Million Customers

Jan 17 2014, 10:51pm CST | in News


The latest reports from Reuters indicate that six additional large U.S. retailers have ongoing point of sale (POS) data breaches that have been reported to law enforcement but not yet made public. Security firm iSIGHT Partners has announced that it has been working with the U.S. Secret Service and has discovered that the same type of malware that infected Target (a variant of the previously reported BlackPOS) called KAPTOXA (a Russian term pronounced Kar-Toe-Sha) is likely involved in these new attacks. This information has been jointly published by iSIGHT, USSS, the Department of Homeland Security and the Financial Services Information Sharing and Analysis Center.

If these attacks follow the pattern of the Target breach, they are really two attacks in one. Target’s own communication on this has been muddled and many consumers are confused by the dual reports that, “Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013,” and that, “Up to 70 million individuals may be affected… by the additional stolen information.”

Hold on, run that by me again. Are those 40 million cardholders a subset of the 70 million “additional stolen information” customers? Or is this 40 million PLUS 70 million? Target isn’t quite saying. A report today from Forbes’ Clare O’Connor indicates that this additional data goes back as long as ten years. And Teresa Dixon Murray of The Plain Dealer writes of a customer who was told by a Target customer service rep that, “We had a system glitch and everyone who ever shopped with us going back a long time and we had their email address in the system got the latest email.” In other words, Target doesn’t know which end is up!

From O’Connor’s experience we know that even people who had not shopped at Target during the period of BlackPOS infection (or even in the last decade!) are potentially part of that 70 million. So it is safe to say that the actual number of affected customers is somewhere between 70 and 110 million. Many of the people receiving emails from Target are miffed about why they got them but some who shopped there during the period in question, like The Plain Dealer’s Dixon Murray, still haven’t received any notification from the retailer.

As I wrote at the time of the initial announcement, Target’s lack of clarity has been its biggest PR mistake. The company’s FAQ about the breach doesn’t make clear at the beginning that there were two different types of information that were compromised with radically different time frames. Even the ordering of the entries in the FAQ obscures the narrative. The mention of “additional stolen information” nonsensically comes before the mention of “40 million credit and debit card accounts.” A small matter of linguistics, perhaps, but still, Aaargh!

And then there is Neiman Marcus, and the purported six additional large retailers who may also have experienced this one-two punch of checkout card-swipe scraping and wholesale database hoovering. I expect the identity of these companies to emerge in the coming days. Let’s hope these other retailers learn from Target’s travails.


Source: Forbes
