Report: Target Could Have Prevented That Enormous Data Breach

The Citizen's Guide to the Future
March 13 2014 6:27 PM

Report: Target Could Have Prevented That Enormous Data Breach

target
Target could have stopped or drastically reduced the impact of a malware attack that compromised personal data from thousands of shoppers

Photo from Shutterstock.

In an epic loss of customer information, 40 million credit card numbers and personal data from 70 million customers were stolen during an attack on Target that lasted from Nov. 27 to Dec. 18, when the big box store finally shut it down. But should Target have caught on earlier?

Bloomberg Businessweek reports that Target officials could have been made aware of the attack on Nov. 30 and again on Dec. 2. On both days the big-box store’s malware detection software, made by FireEye, sent an alert to Target's security monitors in Bangalore, India, who then contacted Target's security team in Minneapolis. But for some reason, they apparently didn't respond to either alert.

Advertisement

Congress is now investigating the situation, and congressional testimony shows that federal law enforcement officials got in touch with Target about the breach on Dec. 12. Businessweek spoke to 18 people who either worked on Target's cybersecurity in the past or have specific internal knowledge of the breach.

The story they tell is of an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes.

Target is not the first company to experience mass group denial about a security problem and miss an opportunity to deal with it as a result. In December, news broke that SnapChat had known about flaws in its user information security for four months and hadn't done anything to close the loopholes. And even when the company was forced to acknowledge the weakness publicly, it still took two weeks to release an update and correct the problem.

If the situation seems totally incomprehensible, think about your personal devices. Do you download every software update or patch the moment it’s released? The situation with Target is negligent, whereas failing to download an update on a personal device tends to stem from laziness and usually has consequences only for yourself. But they may share a common root feeling: It'll never happen to me. Except then it did happen.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Politics

Blacks Don’t Have a Corporal Punishment Problem

Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Lifetime Didn’t Think the Steubenville Rape Case Was Dramatic Enough

So they added a little self-immolation.

Two Damn Good, Very Different Movies About Soldiers Returning From War

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

Students Aren’t Going to College Football Games as Much Anymore, and Schools Are Getting Worried

The Good Wife Is Cynical, Thrilling, and Grown-Up. It’s Also TV’s Best Drama.

  News & Politics
Weigel
Sept. 20 2014 11:13 AM -30-
  Business
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
  Life
Quora
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
  Arts
Brow Beat
Sept. 20 2014 3:21 PM “The More You Know (About Black People)” Uses Very Funny PSAs to Condemn Black Stereotypes
  Technology
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Bad Astronomy
Sept. 20 2014 7:00 AM The Shaggy Sun
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.