The well known US discount retailer, Target, found that 40 million of its customer accounts were hacked during the period 27 November – 15 December 2013. Customer names, credit card as well as debit card numbers and expiration dates were hacked. It is also believed, although not confirmed, that other data such as address and emails were also hacked.
In some cases, the data stolen was used for identity theft, which is a major problem. The data stolen has already made its way to the black market, keeping the banks and other financial institutions on their toes try to pick up fraud and protect their customers.
Trying to put their customers at ease, Target remains confident that identification numbers are "safe and secure" as they use Triple DES encryption to protect sensitive data. The encrypted PIN information was fully encrypted when entered and stayed that way whilst in the system, and remained encrypted even once it left their system. A key is needed to decrypt that data found in the system and this key was not in Target’s system and therefore could not have been found or taken out during this incident.
A 17-year-old Ukrainian boy who is a well-known hacker reportedly wrote the program/software used to make the hacking a success. This program goes by many names, which include, KAPTOXA. Although the teenage was not directly involved in the incident, he did sell the software to about 40 cybercriminals.
Customers have been encouraged to regularly check the activity on theirs cards to pick up any unusual transactions.
Since the incident, Target's revenue has decreased significantly.
Bibliography
No comments:
Post a Comment