Years Later, Massive Data Breach Still Haunts Target

Years Later, Massive Data Breach Still Haunts Target

Target took a massive hit in customer trust due to the attack, and is still working to overcome it.

In December of 2013, Target Corporation, one of the largest discount retail stores in the United States, was hacked. Information from over 70 million customers across 2000 Target stores was compromised due to a criminal hacking of Target’s systems. The attack began just after the Thanksgiving holiday period on November 27th and blocked promptly on December 15th. Target did not find the breach within their own system, on the 13th of December, they were contacted and notified by the Department of Justice. Primarily, it was evident that credit and debit card information was released. As the corporation’s team investigated further, it became known that personal information regarding a large portion of affected customers was also stolen, including home addresses, phone numbers, and names. The access point that was used by these attackers was closed shortly after the breach was discovered in an attempt to sever any connections these people had to the Target system.

Various measures should have been taken by Target in order to mitigate the risk that a breach this daunting could have occurred. It was concluded that the hackers gained access to the necessary credentials through a third party vendor by the name of Fazio Mechanical, which is “a supermarket refrigeration systems mechanical contractor” as it reads on their website (Fazio Mechanical). In order to further secure their systems, Target needed to have a better tactic for risk management. As suggested by the SANS institute, implementing risk management analyses on a regular basis would have greatly improved the security of the target systems. This strategy would have allowed the company to catch and eliminate vulnerabilities before they turned into threats. One conclusion made by CTO Jody Brazil of a security vendor by the name of FireMon, suggested that the breach was more “mundane and…preventable” (Computerworld) than one might have initially thought. Her conclusion was that although the hacker gained credentials from this third-party vendor, those working at Fazio Mechanical should never have been given access to Target’s payment information. In order to take preventative measures against this type of fraud again, Target would need to segment its network to ensure that third parties do not have access to this type of information, as it can prove to be fatal to the company’s systems, making them susceptible to attacks such as this one.

Aside from regularly monitoring their systems as a form of risk management, Target would have benefitted from implementing controls from the SANS 20 Critical Security Controls list. As was mentioned earlier, carrying out a regular risk management assessment of the company’s security systems would have proved to be extremely beneficial. SANS Critical Control #4, Continuous Vulnerability Assessment and Remediation provides just that level of coverage. SANS Control #15, Controlled Access Based on the Need to Know ties into the idea that third party vendors, while given rights to certain information within the company’s network, should be prevented from gaining access to all aspects of the company’s records. Along with Control #15, using CSC #16 would give Target the ability to be proactive through the monitoring of accounts, ensuring that no suspicious activities are occurring right under their noses. The final two SANS Critical Controls that would enable Target to better protect against similar attacks would be #19, Secure Network Engineering, and #18, Incident Response and Management. Taking preventative security measures is all about being proactive. No matter how secure a company believes their systems to be, there is always a threat of an attack, and IT teams must know exactly how to respond to these attacks in order to pinpoint them and mitigate them as quickly as possible.

It is evident that this breach connects to two specific frameworks; SANS and PCI-DSS. As was touched upon before, in order to mitigate security threats, Target would be advised to use the aforementioned critical controls laid out by the SANS Institute. The SANS Institutes focus is on information and cybersecurity, and through extensive research and a brilliant team, having the know-how to better protect businesses from instances such as those faced by Target. The second framework that this breach pertains to is PCI-DSS or the Payment Card Industry Data Security Standard. This framework hones in on information security standards for various organizations that use credit cards, namely those that fall under the titans of the credit card industry who created this organization, in point of sale transactions. The aim of PCI-DSS is not only to help organizations protect their transaction services but also to protect those credit card companies that fall under its umbrella. PCI-DSS has six groups containing twelve requirements that organizations under their rule must follow in order to reach total compliance with the institution's standards.

There were no extremely significant punitive implications that were derived from this breach that were not financial. Other than class action lawsuits filed by many customers, it was the major banks who were affected by the security breach that came after Target in a wish for restitution. Banks such as Umpqua Bank, Mutual Bank, Village Bank, CSE Federal Credit Union, and First Federal Savings of Lorain, banded together to file a case against Target in which they reached a $39 million settlement.

As was expected, and is made evident by the lawsuit described above, there were major fiscal repercussions as a result of the breach. On top of these consequences, however, there was also a great loss of consumer trust in the Target name, as clients scrambled to learn as much information as possible to mitigate the vulnerabilities they now faced by having parts of their identities, as well as financial information, compromised. Customer loyalty to the Target name dropped significantly as frequent consumers became wearier and evermore cautious, thus straying away from making purchases at the retailer’s locations. Target, as was previously mentioned, also faced many class-actions lawsuits carried out by some of its customers in an attempt for redemption. Fortunately for Target, strength came in their name and their ability to offer quality products at cheaper prices than at your average mom and pop shop. Many consumers also came to the conclusion that this type of data breach is not specific to Target, but rather to any technologically advanced corporation that is keeping track of the personal information they input into the respective systems. Overall, however, Target took a massive hit in customer trust due to this attack, and is still working relentlessly to overcome it.
Cover Image Credit: Jeepers Media / Flickr

Popular Right Now

To The Boy Who Will Love Me Next

If you can't understand these few things, leave before things get too involved

To the boy that will love me next, I need you to know and understand things about me and my past. The things I have been though not only have shaped the person I’ve become, but also sometimes controls my life. In the past I’ve been used, abused, and taken for granted, and I want something real this time. The guys before you were just boys; they didn’t know how to treat me until it was too late. They didn’t understand how to love me, until I broke my own heart. Before you truly decide to love me I want you to understand these things.

When I tell you something, please listen.

I’m my own person, I want to be loved a certain way. If I ask you to come over and watch movies with me please do it, if I ask for you to leave me alone for a few hours because it’s a girl’s night please do it. I don’t just say things to hear my own voice, I say things to you because it’s important to my life and the way I want to be loved. I’m not a needy person when it comes to being loved and cared for, but I do ask for you to do the small things that I am say.

Forgive my past.

My past is not a pretty brick road, it is a highway that has a bunch of potholes and cracks in it. I have a lot of baggage, and most of it you won’t understand. But don’t let my past decided whether you want to love me or not. My past has helped form who I am today, but it does not define who I am. My past experiences might try and make an appearance every once in a while, but I will not go back to that person I once was, I will not return to all that hurt I once went though. When I say those things, I’m telling the complete and honest truth. I relive my past every day, somethings haunt me and somethings are good reminds. But for you to love me, I need you to accept my past, present and future.

I’m just another bro to the other guys.

I have always hung out with boys, I don’t fit in with the girl groups. I have 10 close girlfriends, but the majority of my friends are guy, but don’t let this scare you. If I wanted to be with one of my guy friends I would already be with him, and if you haven’t noticed I don’t want them because I’m with you. I will not lose my friendships with all my guy friends to be able to stay with you. I will not cut off ties because you don’t like my guy friends. I have lost too many buddies because of my ex-boyfriends and I promised myself I wouldn’t do that again. If you don’t like how many guy friends I have you can leave now. Don’t bother trying to date me if you can accept the fact I’m just another bro.

I might be a badass, but I actually have a big heart.

To a lot of people I come off to be a very crazy and wild girl. I will agree I can be crazy and wild, but I’m more than that. I’m independent, caring, responsible, understanding, forgiving, and so such more type of woman. Many people think that I’m a badass because I don’t take any negatively from anyone. Just like we learned when we were younger, “if you don’t have anything nice to say, don’t say it at all.” Most people can’t do that in today’s world, so I stick up for myself and my friends. I don’t care what anyone thinks about me, or their option on how I live my life. The only thing I care about is being able to make myself happy. Even though I’m an independent woman, understand that I do have a big heart. Honesty when I truly care for someone I will do just about anything they ask, but don’t take advantage of this. Once you take advantage of this part of me, all respect will be lost for you.

I’m hard to love.

Sometimes I want to be cuddle and get attention, and sometimes I don’t want you to talk to me for a couple hours. Sometimes I want you to take me out for a nice meal, but sometimes I want a home cooked meal. Every day is different for me, sometimes I change my mind every hour. My mood swings are terrible on certain days, and on those days you should probably just ignore me. I’m not easy to love, so you’ll either be willing to find a way to love me, or you’ll walk out like so many others have.

I’m scared.

I’m scared to love someone again. I’ve been hurt, heartbroken, and beat to the ground in my past relationships. I want to believe you are different, I want to hope things will truly work out, but every relationship has always ended up the same way. I’m scared to trust someone, put my whole heart into them, just to be left and heartbroken again. I sick and tired of putting my whole body and soul into someone for them to just leave when it is convenient for them. If you want to love me, understand it won’t be easy for me to love you back.

When “I’m done.”

When I say “I’m done” I honestly don’t mean that I’m done. When I say that it means I need and want you to fight for me, show me why you want to be with me. I need you to prove that I’m worth it and there’s no one else but me. If I was truly done, I would just walk away, and not come back. So if I ever tell you, “I’m done,” tell me all the reasons why I’m truly not done.

For the boy who will love me next, the work is cut out for you, you just have to be willing to do it. I’m not like other girls, I am my own person, and I will need to be treated as such. For the boy that will love me next, don’t bother with me unless you really want to be with me. I don’t have time to waste on you if you aren’t going to try and make something out of us. To the boy who will love me next, the last thing I would like to say is good luck, I have faith in you.

Cover Image Credit: Danielle Balint

Related Content

Connect with a generation
of new voices.

We are students, thinkers, influencers, and communities sharing our ideas with the world. Join our platform to create and discover content that actually matters to you.

Learn more Start Creating

Everything You Need To Know About The New Abortion Ban In Several States

DISCLAIMER: the following does not include any of my personal beliefs/opinions.


Abortion has and will always be a controversial and very sensitive topic for all genders. The following article delves into the details about the Alabama abortion ban that was signed to be a law which, if it passes, will be in effect January 2020 and briefly touches on the Georgia Heartbeat Bill.

Roe v. Wade (1973)

In 1973, Roe v. Wade 410 was passed in the U.S. by the Supreme Court. In short, this ruled that the Due Process Clause along with the 14th Amendment in the Constitution would work to give pregnant women the choice to choose whether or not they wanted an abortion AND should coincide with the government's personal agenda to protect the health of all who is involved. What I mean by this is that the Supreme Court decided during the second trimester of a pregnancy, abortions would be allowed. But, if it is the third trimester, abortion is to be prohibited unless the health of the mother is in danger. This law catapulted the abortion debate which is still going on today.

Abortion vs. Alabama

Alabama's governor, Kay Ivey, signed off on a bill that will basically ban all abortions, including rape, incest, any abnormality, and if the mother's life is in danger on May 14, 2019 after acquiring approval from 25 Senators . This could be a problem considering that it very much contradicts Roe v. Wade (1973). To Ivey, the bill is a reflection of the values in which the citizens of Alabama believe: all life is precious and a gift from God.

Governor of the State of Alabama, Kay Ivey (pictured above).

The governor of Georgia also signed a bill to ban abortion after detecting the slightest heartbeat which is approximately around the six-week pregnancy period (around the time most women discover that they are pregnant). Another important take on this is that despite the rift and debate that is going on between Democrats and Republicans, most Republicans believe that Roe v. Wade will be overturned. This is looking more like a possibility considering most of the Supreme Court consists of people who support the Republican party. In short, the main idea is to ban abortion in all of the United States, not just in some states like it is currently. In regards to Alabama, the bill still has not been enacted into a law and could possibly encounter delay in the Supreme Court because, after all, this is a very debated topic. For now, abortion is still legal until January 2020 or when it becomes a law.

Conditions of the Abortion Law

The conditions of the abortion law explicitly states that abortion during any stage of a pregnancy is prohibited and if any medical professional aids in the practice/procedure of an abortion, they will face up to 99 years in prison. If an attempt is made to perform an abortion procedure, an individual can be sentenced to 10 years in prison. Women who successfully get an abortion or attempt to will be prosecuted as well. However, only those who provide another with an abortion will be punished in Alabama, not the one receiving the service.

No form of abortion is allowed including: rape, incest, life-threatening abnormality, or putting the life of the mother in danger.

Alabama expected to approve controversial abortion bill

Two Sides to the Debate

Although most Republicans support the law, the Democratic party has combatted the notion of it. Many opponents of the ban state that the restriction can put the lives of many in danger and affects women of color and those who are living in poverty heavily. ACLU and the Center for Reproductive Rights have also declared that they will sue. Many young people have also reached out to social media websites such as Twitter and Instagram to voice their opinions:

Tweets from individuals who are anti-abortion ban

Many celebrities have also stated their opinions on the matter. Rihanna stated in one of her Instagram posts, "Take a look," referring to a picture of 25 Senators in Alabama who approved the abortion bill, "These are the idiots making decisions for WOMEN in America. Governor Kay Ivey...SHAME ON YOU!!!"

Although both sides clearly have their opinions on the debate of pro-life/pro-choice, one thing we all can agree on is that this will be a long process that can make or break the lives of a lot of people in our nation.

Until next time,


Related Content

Facebook Comments