Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Target says hackers stole credentials from vendor
Reuters via nbcnews.com ^ | Reuters

Posted on 01/29/2014 6:50:58 PM PST by John W

Target said Wednesday that the cyber criminals who breached its system used credentials they stole from one of the retailer's vendors.

"The ongoing forensic investigation has indicated that the intruder stole a vendor's credentials, which were used to access our system," Target spokeswoman Molly Snyder said in a statement.

She declined to elaborate on what type of credentials were taken from the vendor.

Meanwhile, the Justice Department is investigating the hacking, Attorney General Eric Holder said Wednesday.

Testifying at a U.S. Senate hearing, Holder said the department will seek not only to find the perpetrators of the breach but also "any individuals and groups who exploit that data via credit card fraud."

(Excerpt) Read more at nbcnews.com ...


TOPICS: Business/Economy; News/Current Events
KEYWORDS: securitybreach; target; targetvendor

1 posted on 01/29/2014 6:50:58 PM PST by John W
[ Post Reply | Private Reply | View Replies]

To: John W

Well, if Holder is on the case, we should all be relieved. /sarc


2 posted on 01/29/2014 6:58:48 PM PST by JaguarXKE (1973: Reporters investigate All the President's Men. 2013: Reporters ARE all the President's men)
[ Post Reply | Private Reply | To 1 | View Replies]

To: John W

It was still THEIR vendor which is Target’s responsibility to screen and ensure reliability.


3 posted on 01/29/2014 7:13:05 PM PST by dragnet2 (Diversion and evasion are tools of deceit)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dragnet2

Very true. I can’t imagine a scenario where an outside vendor would use an account that would have that kind of access, assuming anything resembling best practices are followed.

Hell, no single internal user account should have that kind of access either. Of course, we can only guess what was truly going on.


4 posted on 01/29/2014 7:18:22 PM PST by KoRn (Department of Homeland Security, Certified - "Right Wing Extremist")
[ Post Reply | Private Reply | To 3 | View Replies]

To: John W
The vendor was likely BMC Software, and the credential was likely user id "Best1_user", password "BackupU$r".

http://krebsonsecurity.com/2014/01/new-clues-in-the-target-breach/

5 posted on 01/29/2014 7:39:16 PM PST by cynwoody
[ Post Reply | Private Reply | To 1 | View Replies]

To: dragnet2
It was most likely the credit card processor.

Target, and every other retailer everywhere has been forced to pay the “middleman” fees, and woe betide them if the i’s are not dotted and the t’s were not crossed.

The “middleman” ie “credit card processors/banks” have all been hacked, and now...Target is the main target.

It's only been recently made partially legal to inform customers that non-cash/check transactions add hefty fees to every transaction.

The fee spread runs from 1.5% to over 5% per transaction.

6 posted on 01/29/2014 7:46:15 PM PST by sarasmom (Extortion 17. A large number of Navy SEALs died on that mission. Ask why.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: John W

My bank is sending me a new credit card because I shopped at Target during the critical period. I haven’t seen (thank goodness) any strange charges on my statement, but I guess my bank believes an ounce of prevention is worth a pound of cure.


7 posted on 01/29/2014 10:09:42 PM PST by EinNYC
[ Post Reply | Private Reply | To 1 | View Replies]

To: JaguarXKE

Inspector Gadget is more like it. We are all doomed.


8 posted on 01/29/2014 11:18:47 PM PST by funfan
[ Post Reply | Private Reply | To 2 | View Replies]

To: JaguarXKE

For all we know Holder and his cronies ARE the case. Something stinks to high heaven with this whole mess.


9 posted on 01/30/2014 4:57:14 AM PST by John W (Viva Cristo Rey!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: cynwoody

I really like BMCS ,,, they used to make VSAM absolutely sing.


10 posted on 01/30/2014 4:07:55 PM PST by Neidermeyer (I used to be disgusted , now I try to be amused.)
[ Post Reply | Private Reply | To 5 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson