[{"@context":"https:\/\/schema.org\/","@type":"BlogPosting","@id":"https:\/\/www.rizklaw.com\/blog\/how-could-targets-data-breach-have-been-avoided\/#BlogPosting","mainEntityOfPage":"https:\/\/www.rizklaw.com\/blog\/how-could-targets-data-breach-have-been-avoided\/","headline":"How Could Target\u2019s Data Breach Have Been Avoided?","name":"How Could Target\u2019s Data Breach Have Been Avoided?","description":"Just six weeks before hackers installed malicious malware into Target\u2019s security and payments system designed to steal every credit card used at the company\u2019s 1,797 U.S. stores, the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye. Target had a team of security specialists in Bangalore to monitor...","datePublished":"2014-03-26","dateModified":"2024-05-22","author":{"@type":"Person","@id":"https:\/\/www.rizklaw.com\/blog\/author\/rizklaw\/#Person","name":"Rizk Law","url":"https:\/\/www.rizklaw.com\/blog\/author\/rizklaw\/","identifier":9,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/10e23ce5e6c4dadb4589cd8edf2c3f59ac356a6e876c3656917777913d9c3bc1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/10e23ce5e6c4dadb4589cd8edf2c3f59ac356a6e876c3656917777913d9c3bc1?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"Rizk Law","logo":{"@type":"ImageObject","@id":"https:\/\/www.rizklaw.com\/wp-content\/uploads\/2024\/03\/rizk-law-logo-footer.jpg","url":"https:\/\/www.rizklaw.com\/wp-content\/uploads\/2024\/03\/rizk-law-logo-footer.jpg","width":278,"height":65}},"image":{"@type":"ImageObject","@id":"https:\/\/www.rizklaw.com\/wp-content\/uploads\/2024\/03\/Richard-Rizk-headshot.jpg","url":"https:\/\/www.rizklaw.com\/wp-content\/uploads\/2024\/03\/Richard-Rizk-headshot.jpg","width":383,"height":427},"url":"https:\/\/www.rizklaw.com\/blog\/how-could-targets-data-breach-have-been-avoided\/","about":["Personal Injury"],"wordCount":371,"articleBody":"Just six weeks before hackers installed malicious malware into Target\u2019s security and payments system designed to steal every credit card used at the company\u2019s 1,797 U.S. stores, the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target\u2019s security operations center in Minneapolis would be notified.Twice, on November 30 and again on December 2, Bangalore got an alert from FireEye and flagged the security team in Minneapolis, and both times warnings were unheeded. Not only should those alarms have been impossible to miss, they went off before the hackers began transmitting stolen card data out of Target\u2019s network.Had the company\u2019s security team responded when it was supposed to, the theft never would have happened at all.Target claims that it receives hundreds of alerts daily from FireEye. The alerts this time labeled the threat with the generic name \u201cmalware.binary,\u201d which does not provide much information about the threat. \u00a0FireEye has a function that automatically deletes malicious software, but it had been turned off by Target\u2019s security team before the hackers\u2019 attack. Most of FireEye\u2019s customers turn off that functionality because it is known for incorrectly flagging data as malware, which can halt email and Web traffic for business users.For the next two weeks, when a Target credit card was swiped, the malware would step in, capture the shopper\u2019s credit card number, and store it on a Target server commandeered by the hackers. The data was then transmitted around the globe.It was only after federal officials notified Target on December 12 of unusual cyber activity involving credit card payments at Target stores that company investigators went back to find out what had happened. By then, 40 million payment card records were stolen from the retailer, along with 70 million other records with customer information such as addresses and telephone numbers.In addition to a Congressional investigation, Target also faces dozens of potential class-action lawsuits and action from banks that could seek reimbursement for millions of dollars in losses due to fraud and the cost of card replacements."},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.rizklaw.com\/blog\/#breadcrumbitem"},{"@type":"ListItem","position":2,"name":"How Could Target\u2019s Data Breach Have Been Avoided?","item":"https:\/\/www.rizklaw.com\/blog\/how-could-targets-data-breach-have-been-avoided\/#breadcrumbitem"}]}]