Target could have stopped the breach that affected 110 million customers -
It turns out that the target could have stopped the breach that affected 110 of its customers if the security team acted on the warnings they received both the company's security software and antivirus system, according to Businessweek.
Why warnings were ignored?
we do not know why the target's security team has chosen not to respond to alerts, it is clear that the retail giant had the necessary safety technology, including software security and antivirus system to detect the violation.
In May of last year, Target has installed security software detecting malware called FireEye, which is also used by the Pentagon and the CIA, which allows malicious software removal software a once it is immediately detected. Unfortunately, the security team of the company disabled this feature, which is apparently a common practice among security teams, according to Businessweek.
alerts Even without the self-erase function, the security team of the received target malware both FireEye and Symantec Endpoint Protection - antivirus system retail giant - warning of malware that has infected a specific server. The team was alerted once hackers have installed the first version of the malware, and received more alerts hackers installed more malware on the system, but no action was taken on the part of the target.
As for the Neiman Marcus violation, target pirates gave the software a name similar to software used by many companies to maintain customer payment information.
How hackers have access to the target system?
in mid February KrebsOnSecurity announced that hackers had access to the target system via an email from malware laced opened by an employee of a refrigeration company, ventilation and air conditioning based Pennsylvania working with Target. Once the hackers gained access to the system, they were able to steal the payment information of 40 million customers who shopped at one of 1,797 US stores infected with malware and addresses, phone numbers and email addresses of 70 million additional customers.
what consumers should learn of the breach of the target?
negligence of the target may have jeopardized the identity of 110 of its customers, but there are two great lessons all Target customers should learn from the violation.
1. Your information may not be as safe as you think: Often we as consumers assume that our personal information is safe whenever we give a business but the reality is that it is not always as safe as we hope, as proven by target, Neiman Marcus and other security breaches.
This is why it is essential for consumers to ask questions when a company asks for personal information. Find out how the information is stored, who has access to it and what happens to him if you cancel your membership or stop using the business services. " If the company can offer a privacy policy or information on how your information will be stored, then you should consider not to give them any of your information because, at the end of the day, to pay little more money for groceries or do not get points for your purchase is better than having to deal with possible identity theft in the future.
2. Pay attention to the security software alerts: Both Target and Neiman Marcus did not take appropriate action when they received alerts from their security systems for hack, and their lack of action resulted in the exposure of millions of public information [
Even if a breach or attack malware on a consumer has no impact the number of people that a company will breach, it is still important for consumers to remember that they need to pay attention to any alerts they receive from their Internet security software because it could you and your computer from falling victim to malware or phishing attack protection. Be sure to take immediate action in response to the alert and follow the steps by the security software.
If you have been affected by the breach of the target, do the following to ensure that your identity remains safe and visit identity protection against theft blog for more tips on how to protect your identity.
0 comments:
Post a Comment