Years Later, Massive Data Breach Still Haunts Target
Politics and Activism

Years Later, Massive Data Breach Still Haunts Target

Target took a massive hit in customer trust due to the attack, and is still working to overcome it.

Jeepers Media / Flickr

In December of 2013, Target Corporation, one of the largest discount retail stores in the United States, was hacked. Information from over 70 million customers across 2000 Target stores was compromised due to a criminal hacking of Target’s systems. The attack began just after the Thanksgiving holiday period on November 27th and blocked promptly on December 15th. Target did not find the breach within their own system, on the 13th of December, they were contacted and notified by the Department of Justice. Primarily, it was evident that credit and debit card information was released. As the corporation’s team investigated further, it became known that personal information regarding a large portion of affected customers was also stolen, including home addresses, phone numbers, and names. The access point that was used by these attackers was closed shortly after the breach was discovered in an attempt to sever any connections these people had to the Target system.

Various measures should have been taken by Target in order to mitigate the risk that a breach this daunting could have occurred. It was concluded that the hackers gained access to the necessary credentials through a third party vendor by the name of Fazio Mechanical, which is “a supermarket refrigeration systems mechanical contractor” as it reads on their website (Fazio Mechanical). In order to further secure their systems, Target needed to have a better tactic for risk management. As suggested by the SANS institute, implementing risk management analyses on a regular basis would have greatly improved the security of the target systems. This strategy would have allowed the company to catch and eliminate vulnerabilities before they turned into threats. One conclusion made by CTO Jody Brazil of a security vendor by the name of FireMon, suggested that the breach was more “mundane and…preventable” (Computerworld) than one might have initially thought. Her conclusion was that although the hacker gained credentials from this third-party vendor, those working at Fazio Mechanical should never have been given access to Target’s payment information. In order to take preventative measures against this type of fraud again, Target would need to segment its network to ensure that third parties do not have access to this type of information, as it can prove to be fatal to the company’s systems, making them susceptible to attacks such as this one.

Aside from regularly monitoring their systems as a form of risk management, Target would have benefitted from implementing controls from the SANS 20 Critical Security Controls list. As was mentioned earlier, carrying out a regular risk management assessment of the company’s security systems would have proved to be extremely beneficial. SANS Critical Control #4, Continuous Vulnerability Assessment and Remediation provides just that level of coverage. SANS Control #15, Controlled Access Based on the Need to Know ties into the idea that third party vendors, while given rights to certain information within the company’s network, should be prevented from gaining access to all aspects of the company’s records. Along with Control #15, using CSC #16 would give Target the ability to be proactive through the monitoring of accounts, ensuring that no suspicious activities are occurring right under their noses. The final two SANS Critical Controls that would enable Target to better protect against similar attacks would be #19, Secure Network Engineering, and #18, Incident Response and Management. Taking preventative security measures is all about being proactive. No matter how secure a company believes their systems to be, there is always a threat of an attack, and IT teams must know exactly how to respond to these attacks in order to pinpoint them and mitigate them as quickly as possible.

It is evident that this breach connects to two specific frameworks; SANS and PCI-DSS. As was touched upon before, in order to mitigate security threats, Target would be advised to use the aforementioned critical controls laid out by the SANS Institute. The SANS Institutes focus is on information and cybersecurity, and through extensive research and a brilliant team, having the know-how to better protect businesses from instances such as those faced by Target. The second framework that this breach pertains to is PCI-DSS or the Payment Card Industry Data Security Standard. This framework hones in on information security standards for various organizations that use credit cards, namely those that fall under the titans of the credit card industry who created this organization, in point of sale transactions. The aim of PCI-DSS is not only to help organizations protect their transaction services but also to protect those credit card companies that fall under its umbrella. PCI-DSS has six groups containing twelve requirements that organizations under their rule must follow in order to reach total compliance with the institution's standards.

There were no extremely significant punitive implications that were derived from this breach that were not financial. Other than class action lawsuits filed by many customers, it was the major banks who were affected by the security breach that came after Target in a wish for restitution. Banks such as Umpqua Bank, Mutual Bank, Village Bank, CSE Federal Credit Union, and First Federal Savings of Lorain, banded together to file a case against Target in which they reached a $39 million settlement.

As was expected, and is made evident by the lawsuit described above, there were major fiscal repercussions as a result of the breach. On top of these consequences, however, there was also a great loss of consumer trust in the Target name, as clients scrambled to learn as much information as possible to mitigate the vulnerabilities they now faced by having parts of their identities, as well as financial information, compromised. Customer loyalty to the Target name dropped significantly as frequent consumers became wearier and evermore cautious, thus straying away from making purchases at the retailer’s locations. Target, as was previously mentioned, also faced many class-actions lawsuits carried out by some of its customers in an attempt for redemption. Fortunately for Target, strength came in their name and their ability to offer quality products at cheaper prices than at your average mom and pop shop. Many consumers also came to the conclusion that this type of data breach is not specific to Target, but rather to any technologically advanced corporation that is keeping track of the personal information they input into the respective systems. Overall, however, Target took a massive hit in customer trust due to this attack, and is still working relentlessly to overcome it.
Report this Content
This article has not been reviewed by Odyssey HQ and solely reflects the ideas and opinions of the creator.

15 Black-Owned Haircare Brands That Cater As Much To Inclusivity As They Do To Your Locks

Championing Black entrepreneurs who make some of our hair favorites.

The haircare industry is vast. With the rise of social media came hundreds of thousands of empowered, niche brands. Single entrepreneurs came out of the woodwork with hair brands that now, years later, have dedicated cult followings.

Of those multitudes of brands, few cater to all hair types, most made without regard for curly or coily hair. These brands, however, are different.

Keep Reading... Show less

Minorities are consistently under-represented in our day-to-day lives, notably in the world of fashion. It's likely you're looking for a way to support black artists. Whether that's the case or you're just a fashion-lover in general, these brands aren't just some of the best black-owned fashion brands — they're some of the most innovative brands of our time, period.

From luxury staples to fun accessories and loungewear, these brands aren't just stunning names you should definitely be following on Instagram, each honors the founder's roots in unique ways with the power of storytelling through artistic expression that manifests in pieces we can't wait to wear.

Keep Reading... Show less
Health and Wellness

10 Home Items You Need For Stress Relief, On The Days You 'Literally Cannot'

Fill your home with peaceful, calming coping mechanisms.

I'd like to think that 2020 is teaching us a lot. Or will teach us a lot. Or will be a story we tell at parties one day. Ultimately, this year has been — and is probably going to continue to be — a bit of a mess.

At the beginning of the year, Australia was on fire and we mourned the death of Kobe Bryant. Then, coronavirus (COVID-19) took our spring and shut us in our homes, inciting panic over public health and sparking political upheaval at every decision made by local and federal officials alike. Now, a week after George Floyd's death at the hands of Minneapolis police officer Derek Chauvin, a nationwide conversation is reignited with protests regarding racial injustice in the United States. There is an enormous amount of tension, hurt, and change that is upon the American people.

Keep Reading... Show less

No matter who you are (an introvert, person of color, member of the LGBTQ+ community, Scorpio, TikToker, you name it), we want to hear what dating in America is like for you and the thoughts you have while working through the talking stage, first dates, navigating love, working through dating problems, etc.

Keep Reading... Show less

30 Black-Owned Skincare Brands Every Beauty-Lover Should Know About In 2020

They're not changing the game — they're making a new one.

Skin is something most beauty-lovers obsess over from our early teens, whether our aim is to be glowier, softer, dewier, or poreless, most of us are consistently tracking a new skincare goal. No matter how many products we try, we'll likely forage on with the goal of IRL Photoshopped skin, no matter how many dollars go to them.

The black-founded skincare brands below are the brainchildren of extreme dedication and resilience within the privileged world of beauty. Born out of resilient entrepreneurs overcoming circumstance in a world that does not favor business people of color, these brands have loyal cult followings, and with good reason.

Keep Reading... Show less

A huge part of being in a relationship is communication and, well, part of communication is listening. So, why not have a little fun with your partner and see just how well they know you?

Keep Reading... Show less
Health and Wellness

7 Ways You Can Safely Attend A Protest In The Middle Of A Pandemic

Wear a mask, but speak up.

It seems like coronavirus (COVID-19) has been around forever now. Life before masks and with public sporting events is a distant memory, hoping to make a comeback sometime this year. We've all had to make some sort of life changes to abide by this pandemic's rules. But that doesn't mean everything has stopped. On May 25, George Floyd died at the hands of Minneapolis police officer Derek Chauvin, sparking a cry for justice and racial equality across the nation.

For the last week, protests have taken place in major cities like New York City, LA, DC, Chicago, Phoenix, Portland, Dallas, and Floyd's hometown of Minneapolis. Many of the cities experiencing protests have begun phased reopening, while others (specifically New York City and LA) have yet to begin phase one of post-coronavirus reopening.

As COVID-19 is hardly in our rearview mirror, there are extra precautions protestors can take as they advocate for justice.

Keep Reading... Show less
Health and Wellness

5 Helpful, Effective Mental Health Resources Specifically For The Black Community

These organizations are qualified, caring, and acknowledging the mental trauma individuals are experiencing.

On May 25, George Floyd died after being pinned to the ground by a Minneapolis police officer. In the last week, protests have sprung up across the nation, demanding justice for Floyd and accountability for police brutality. Social media has also seen widespread conversation regarding Floyd's death, Black Lives Matter, and racism in the United States. Today is #BlackoutTuesday, where many are sharing a single black square to represent unity and support for Black voices.

In light of the heavy climate that our country is facing, it is a safe assumption that many individuals' mental health may be suffering. We wanted to highlight mental health resources and organizations that are Black-owned and prepared to assist in whatever you're going through.

Keep Reading... Show less
Facebook Comments