Target Got Warnings About Hack—and Ignored Them

It even turned off program to delete malware, says Businessweek

By John Johnson,  Newser Staff

Posted Mar 13, 2014 1:39 PM CDT

(Newser) – If only Target had top-notch security software in place to prevent last year's disastrous hack. Oh wait, it did. In fact, a report by Businessweek/Bloomberg says the software was essentially screaming that something was amiss well in advance of any actual theft of customers' credit card data. Target had plenty of time to react—but did nothing. The $1.6 million software program from security firm FireEye detected the installation of malware on Nov. 30 and multiple times afterward, before hackers started stealing data, but the urgent alerts went unheeded.

Why didn't the software kill the malware on its own?

  • "The system has an option to automatically delete malware as it's detected. But according to two people who audited FireEye's performance after the breach, Target's security team turned that function off," says the story, which follows a two-month investigation. "It's possible that FireEye was still viewed with some skepticism by its minders at the time of the hack ..."
The story points to "inaction on the part of Target and a clear effort by FireEye to shore up its reputation," writes blogger John Biggs at TechCrunch. "If Target couldn’t be bothered to delete the malware, this piece suggests it’s not FireEye’s fault." Click for the full story, which, as Mashable points out, speculates that the mastermind of the Target hack might be a 22-year-old Ukrainian.

A Target store in Watertown, Mass.   (AP Photo/Steven Senne, File)
« Prev« Prev | Next »Next » Slideshow
My TakeCLICK BELOW TO VOTE
10%
8%
16%
3%
12%
51%
To report an error on this story, notify our editors.

NEWS FROM OUR PARTNERS
Other Sites We Like:   The Street   |   MSN Living   |   PopSugar Tech   |   RealClear   |   24/7 Wall St.   |   Biography   |   Barstool Sports   |   OK!