Target Security Breach in 2013

Introduction

            The main point to be covered in this discussion is the Target Corporation security breach that took place in 2013, which affected customers who swiped their credit and debit cards between Nov. 27/2013 and Dec. 15/2013, and became a very important topic in network security. This security issue was announced via a report written by the security researcher Brian Krebs, who published that Target had suffered a data breach and the customer’s card information was totally exposed and unsecure in 2013 (CNN Money, 2013).

About the Company

            Target Corporation is the 2nd largest American retailing company having revenue of $72,596 in 2013 and taking the 29th place in the ranking on Fortune’s World Most Admired Companies List (Target Corporation, 2014).

Affected and Impacted Customers

            The main fact is that in 2013 about 40 million credit and debit card information stored in the Target Corporation computers, was stolen by hackers and this information was used by bad-intentioned users, who possibly would use this information for self-benefit.

Technical Information and Causes

            To understand a bit more about it, security experts said that hackers targeted the point-of-sale system, maybe infecting those computers with malware in the terminals or possibly collecting the data on route to the credit card processors (CNN Money, 2013).

            Specialists said that the main problem is the obsolete technology used in American Credit and Debit card transactions. Comparing to the technology used abroad credit cards have a chip that creates a unique PIN for the transaction, and are also more difficult to clone, different from the technology used in the USA, which the magnetic strip could be easily duplicated.

My personal critical thoughts

            With my experience on developing software, first, a big mistake is probably the technique of storing the complete user’s credit card information since it is not necessary because there is the possibility of storing only a part of the credit card number and ask the user to fill it when necessary, so I would never encourage storing all the card information at any computing resource.

            Based on my findings I can conclude that the main reason all the information being stolen is the use of obsolete technology not only in Target Corporation, but also by all the American companies that uses credit card related operations.

Conclusion

            Computer security cannot be guaranteed with the kind of technology we have nowadays specially when we considering networks, which data can be intercepted and you do not have control to where this is information is being transferred and stored.

            The Target Corporation case became very popular on the news, but this kind of security breach occurs frequently on the Internet and so much information is stolen every day, nevertheless it is possibly never come to the news.

CNN Money. 2013. Target: 40 million credit cards compromised. [ONLINE] Available at: http://money.cnn.com/2013/12/18/news/companies/target-credit-card/index.html?iid=EL. [Accessed 03 August 14].

Target Corporation. 2014. Corporate Overview. [ONLINE] Available at: http://investors.target.com/phoenix.zhtml?c=65828&p=irol-homeprofile. [Accessed 03 August 14].

CNN Money. 2013. Target credit card hack: What you need to know. [ONLINE] Available at: http://money.cnn.com/2013/12/22/news/companies/target-credit-card-hack/. [Accessed 03 August 14].

Think Progress. 2013. Why Target’s Security Breach Was Bound To Happen. [ONLINE] Available at: http://thinkprogress.org/economy/2013/12/23/3101291/target-breach-highlights-lack-uniform-consumer-protections/. [Accessed 03 August 14].

Advertisements