TARGET BREACH: Security warning ignored before heist - KMSP-TV

TARGET BREACH: Security warning ignored before heist

Posted: Updated:

Target may have missed a chance to stop the massive data breach that hit customers during the busy holiday shopping season according to a report in Bloomberg Businessweek.

By all accounts, it looks like Target took its security seriously. Mark Lanterman, CEO and chief technology officer of Computer Forensic Services, told Fox 9 News the company spent more money on security than any other retailer he knows, which is why he says it's shocking the hackers were able to be in the system for a week without being noticed.

"This is world-class," he said. "This is used by every 3-letter government agency there is," Lanterman said.

According to the Bloomberg report, Target installed a malware detection tool to alert the company of any suspicious activity to its computer network six months before the breach. Lanterman said the $1.6 million system Target put in place to protect customers appeared to be working perfectly, and even warned the company when a breach took place.

"This is exactly like a tornado siren sounding and we just went about our business as usual," Lanterman explained.

A team of security specialists were monitoring the network and were alerted on Nov. 20th, but that information didn't come to light until Bloomberg Businessweek completed its 6-week investigation. 

Mike Riley was one of 4 reporters working the story, and through interviewing current and former Target employees, he learned a system called Fire Eye told Target about the malware invasion and even detailed what data was being stolen.

"Just within the last couple hours, they released a statement saying, in fact, the activity of the hackers was logged in the system and that their security team looked at it, evaluated it, and -- based on that evaluation -- decided not to act on it," Riley said.

Lanterman also interviewed those same sources at Target, and he said the Fire Eye system does have an automatic delete option when malware is detected; however, he said Target disabled the function so they could conduct internal investigations before deleting files themselves.

"These alerts should have been top priority," Riley said. "They were given and acknowledged and, for whatever reason, the Target security team ignored them."

The lesson to learn from the missed alert, Lanterman says, is that even the best security system in the world won't do any good if it's not monitored and its warnings are not heeded.

"In hindsight, they should have flipped the switch or they should have done their jobs," Lanterman said.

As a result of the breach, 40 million credit and debit card numbers and the personal information of 70-million customers was compromised. The breach caused Chief Information Officer Beth Jacob to resign in the aftermath.

  • Most Popular StoriesMost Popular StoriesMore>>

  • 28 new foods at Minnesota State Fair in 2014

    28 new foods at Minnesota State Fair in 2014

    Wednesday, June 25 2014 2:57 PM EDT2014-06-25 18:57:53 GMT
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
  • INVESTIGATORS: The pressure of porn

    INVESTIGATORS: The pressure of porn

    Friday, May 23 2014 6:06 PM EDT2014-05-23 22:06:43 GMT

    By some estimates, pornography is now a $10-billion industry in America -- bigger than the NFL, NBA and MLB, but the profits sometimes come at a tragic cost.

    By some estimates, pornography is now a $10-billion industry in America -- bigger than the NFL, NBA and MLB, but the profits sometimes come at a tragic cost.

  • St. Paul police statement on Lollie arrest

    St. Paul police statement on Lollie arrest

    Thursday, August 28 2014 6:29 PM EDT2014-08-28 22:29:10 GMT
    Click here for the unedited statement from St. Paul Police Chief Tom Smith regarding the arrest of Christopher Lollie.
    Click here for the unedited statement from St. Paul Police Chief Tom Smith regarding the arrest of Christopher Lollie.
Powered by WorldNow

KMSP-TV
11358 Viking Drive
Eden Prairie, MN 55344

Phone: (952) 944-9999
Fax: (952) 942-0455

Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | New Terms of Service What's new | Ad Choices