Target Breach: Credentials StolenRetailer Says Stolen Vendor Credentials Used to Conduct Attack
The breach at Target Corp. that compromised as many as 40 million payment card accounts, along with the personal information of about 70 million customers, was the result of hackers stealing electronic credentials from a vendor, the retailer reports.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
"We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor's credentials, which were used to access our system," a Target spokesperson confirmed to The Wall Street Journal.
Target did not reply to a request for comment.
Security blogger Brian Krebs claimed in a Jan. 29 report that the attackers may have taken advantage of a poorly secured feature built into a widely used IT management software product that was running on the retailer's internal network. Krebs makes reference to a report from Dell SecureWorks that analyzed the Target breach.
A Jan. 17 notification from the Federal Bureau of Investigation warned that the basic code used in the point-of-sale malware tied to the breach has been seen by the FBI in cases dating back to at least 2011, according to Krebs.
On Jan. 29, U.S. Attorney General Eric Holder confirmed that the Department of Justice is investigating the Target breach [see: Feds Investigating Target Breach].
"We are committed to working to find not only the perpetrators of these sorts of data breaches, but also any individuals and groups who exploit that data via credit card fraud," Holder said in his Jan. 29 testimony before the U.S. Senate Committee on the Judiciary.