Skip to comments.Target breach likely an inside job, data security expert says
Posted on 01/11/2014 7:11:32 AM PST by TurboZamboni
Target's disclosure that hackers stole customers' names, home addresses, phone numbers and email addresses suggests that the crime was an inside job, a fraud analyst said Friday.
The new batch of stolen identity information -- from up to 70 million additional Target customers -- is not stored on the point-of-sale devices used to pilfer the payment card data, said Avivah Litan, a fraud analyst at information technology firm Gartner.
The fact that the thieves got access to a second data source makes it more likely they had the help of an insider.
(Excerpt) Read more at twincities.com ...
They are reporting 110 million. That means about 1 in every 3 Americans bought something there last year.
The Ad executives ought to get a big bonus.
If a Class Action suit is put together, then those affected will probably only get three or four dollars, but the shysters will rake in millions.
“So I guess their annoying asking for my zip code to buy something really helped security a lot.”
Apparently, most of our credit cards have zip codes, addresses, phone #’s and other data, we don’t everyone to have.
My wife used her bank credit card at Target, and last week the card was replaced without any bad actions/activities. Now we know why.
This was/is an act of economic terrorism, and those at fault, should be treated as terrorists.
I thought it was an inside job from the start. The level of compromise involved was just too great.
“asking for my zip code”
Done for marketing purposes.
My credit card just got hit, and I’ve never shopped at Target.
That info is not stored on the card.
Correct. They want to know where their customers are coming from. It helps when they are deciding to open new stores.
And advertise. And now that could have been used to compromise their customers.
What about Needless Markup? They've been hit, as well.
Then it was unrelated to Target. People can be victims of crooks who didn't steal their information from Target.
I tried to buy a bottle of wine at Target a couple of months ago and the cashier wanted to card me and scan my driver’s license—even though I am clearly over 40.
I made a big fuss and refused to let him scan it. I wonder how many people have their licenses scanned in situations like this ? Is this information stored? I assume so.
What can a crook do with a copy of a driver’s license and a credit card?
if Target only worried as much about customer privacy as they do pimping homo marriage...
It’s not just Target. I remember walking past an upscale club a few years ago and there was a line of people waiting to get in. What really stood out was that the staff was electronically carding everyone’s license with a hand-held device. And everyone was just sheepishly going along with it.
You might consider asking the store if that is really their policy, or was someone doing some freelance data collection.
There was a clerk in a local drug store who was very friendly and insistent that I sign up for the "rewards" card. I always said no thanks.
About a month later, it was on the news that a gang of Nigerians were running an identity theft ring by just that kind of means. That dude was from Nigeria.
My first thought was, "No way. That guy was too nice." My second thought was, "How many victims of con men have said those very words?"
BS Ken, you work for a credit card company/finance company or don’t know about what is stored and has happened:
“Target reveals more customer data exposed in breach”
‘The size and scope of the consumer data heist from Target Corp. last month is much greater than previously thought, with up to 110 million people at risk by the exposure of credit and debit card numbers, as well as mailing addresses, e-mails and phone numbers, the company said Friday.
The revelation means that the data breach may be the largest ever involving a U.S. retailer and could lead to more complex types of fraud and identity theft for many of those affected.
Its big, its ugly, and its not fun for anyone but the bad guys, said Jacob Ansari, a data forensics investigator at 403 Labs LLC in Brookfield, Wis.’
1) how many people's licenses they scanned as part of their ID checks for purchasers of alcohol.
2) how much of this information was retained and for how long, and
3) whether any of the data from the scanned drivers licenses was part of the breach.
Yep. I've seen the same thing. The patrons were in their 20's. You can imagine how uncool it would be for one of the group to say, "I'm not going in if they're going to scan my license."
The people running the joint struck me as unsavory. It's closed down now. Maybe they have enough data and now live in Aruba.