POS Malware Hits Target in Data Breach

January 20, 2014 in Cyber Attacks, Cybersecurity News
Data breach

It’s been less than a month since mega retailer Target announced that a little more than 40 million customer debit and credit cards had been stolen by hackers. Not long after that, we saw the first of those cards being sold a few hundred thousand at a time, in a variety of underground hacker forums. Although not that underground, since I was able to register on the most notorious hacker sites and see for myself how easy it was to buy an identity.

The announcement of the breach ignited a firestorm of media coverage, consumer complaints, calls for Congressional hearings and investigations, and a serious dip in Target’s revenues at its busiest shopping period. But that firestorm was really the calm before an even bigger storm, as Target reluctantly admitted that the number of cards compromised was probably closer to 70 million than 40 million. Only to contradict itself a few days later and admit the final tally of compromised customers was actually in the region of 110 million.

So if that’s actually the true and final number, it means that a data breach that lasted just a few weeks managed to compromise credit and debit cards along with lots of personal information, of more than a third of the adults in the United States. And as the world tries to wrestle with that colossal number, Target has another bit of bad news to share.

Now it appears that the culprit behind what’s being described as the biggest data breach in history was actually a piece of malware that managed to infect the retailer’s Point of Sale or PoS systems. Exactly the same type of malware that could be sitting on your computers or website as you’re reading this.

But the news gets even worse. Not only was Target’s advanced security completely unable to detect the malware or prevent it from entering its networks, security experts are saying that this may be the most advanced malware ever used in an attack like this.

Not only were the hackers able to bypass Target’s security, they were also able to distribute the malware to all of Target’s PoS systems, and grab millions of card numbers during the fraction of a second that the data was unencrypted. This allowed the thieves to steal the data, one massive chunk at a time, move it to another server that acted like a loading bay at a warehouse, and then simply ship off the massive data haul to places unknown.

News is already leaking out that a number of other retailers, including Neiman Marcus, may have fallen victim to the same type of attack. And as if not wanting to be left out, Yahoo! admitted that it too may have fallen victim to a malware attack that managed to infect more than 2 million computers – computers used by Yahoo! customers who did nothing more than click on Yahoo!-generated ads.

And that means a number of things:

  • Data breaches and security are going to be a top priority for 2014.
  • Malware is now so sophisticated, even the biggest businesses with the biggest security budgets are having a hard time defending against this type of threat.
  • Businesses that expose their information or customers to this type of attack are likely to receive very little sympathy from victims and their lawyers.
  • The call for mandatory website security, especially for online businesses, is only likely to grow louder.
  • Your customers are likely to trust you and your website even less, in spite of the fact that you had nothing to do with these breaches.

And if the risk is that great for the big guys, just think of the implications for the small and midsize business – online or otherwise. It’s time to stop being a target.

But there is a silver lining. Now’s an opportunity to use security fears as a marketing tool. Beef up your security, heighten your malware detection and automate your malware removal, proactively lock down your data with a web application firewall, and remind your customers that your business is a safe place to browse and shop by displaying a trust seal. Because if you don’t ramp up security, or you don’t talk about security, your customers are very likely to flee to those who do. To start the conversation contact SiteLock at 855.378.6200.

Google Author: Neal O’Farrell

Latest Articles
Follow SiteLock