Scribd
Upload
246 views8 pages

Target Breach

In 2013, Target suffered a major data breach affecting over 40 million customer payment cards. Hackers were able to access Target's network by sending a phishing email to a third-party vendor, allowing malware to be installed. This malware stole login credentials and exploited a SQL injection to install custom malware on point-of-sale machines to collect and transmit payment data. The breach cost Target over $300 million and had reputational, financial, and operational effects including lost sales, lawsuits, and executive resignations. Target's network security failed to detect the breach for several weeks.

Uploaded by

sandeep reddy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
246 views8 pages

Target Breach

In 2013, Target suffered a major data breach affecting over 40 million customer payment cards. Hackers were able to access Target's network by sending a phishing email to a third-party vendor, allowing malware to be installed. This malware stole login credentials and exploited a SQL injection to install custom malware on point-of-sale machines to collect and transmit payment data. The breach cost Target over $300 million and had reputational, financial, and operational effects including lost sales, lawsuits, and executive resignations. Target's network security failed to detect the breach for several weeks.

Uploaded by

sandeep reddy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 8

2013 Target Data Breach

Team 4
Annamarie Filippone | Daniel Min | Mansi Paun | Sean Walsh | Shizhong Yang
AGENDA
● What happened?
● How did it happen?
● What were the consequences?
● How could it have been prevented?
TIMELINE
2013 DATA BREACH
● Phishing email sent to Fazio Mechanical
● Trojan Malware “Citadel” steals login credentials
● SQL Injection attack
● Custom malware installed on POS machines
● Data sent to middle-man servers to await download
EFFECTS OF THE BREACH
Reputational
● Lose customer trust and business

Financial
● Sales discounts that lower profit margins
● Holiday sales fall
● Reduced stock price
● Costs exceed $300M
● $116M spent in settlements

Operational
● Layoffs and hiring freeze
● CEO resigns
CONCLUSION
● 3rd party vendor access to network
○ What went wrong?
○ How to prevent it?
● FireEye Security System
○ What went wrong?
○ How to prevent it?
● Security Team Personnel in Bangalore
○ What went wrong?
○ How to prevent it?
Q&A
WORKS CITED
1. Clark, Meagan. "Timeline of Target's Data Breach And Aftermath: How Cybertheft Snowballed For The
Giant Retailer." International Business Times. IBT Media, Inc., 05 May 2014. Web. 05 Nov. 2016.
<http://www.ibtimes.com/timeline-targets-data-breach-aftermath-how-cybertheft-snowballed-giant-
retailer-1580056>.
2. Olavsrud, Thor. "11 Steps Attackers Took to Crack Target." CIO. CXO Media, Inc., 02 Sept. 2014. Web. 05
Nov. 2016. <http://www.cio.com/article/2600345/security0/11-steps-attackers-took-to-crack-target.html>.
3. Garcia, Ahiza. “Target Settles for $39 Million Over Data Breach.” CNNMoney. Cable News Network, 02
Dec. 2015. Web. 05 Nov. 2016. <http://money.cnn.com/2015/12/02/news/companies/target-data-breach-
settlement/>.
4. Vijayan, Jaikumar. “Target Breach Happened Because of Basic Network Segmentation Error.”
Computerworld. Computerworld, Inc., 06 Feb. 2014. Web. 05 Nov. 2016.
<http://www.computerworld.com/article/2487425/cybercrime-hacking/target-breach-happened-because-
of-a-basic-network-segmentation-error.html>.
5. Riley, Michael, Benjamin Elgin, Dune Lawrence, and Carol Matlack. “Missed Alarms and 40 Million
Stolen Credit Card Numbers: How Target Blew It.” Bloomberg. Bloomberg, L.P., 13 Mar. 2014. Web. 05
Nov. 2016. <http://www.bloomberg.com/news/articles/2014-03-13/target-missed-warnings-in-epic-hack-
of-credit-card-data>.

You might also like