20 February 2018
visit www.nextgenbanking.co.uk/

Target hackers used POS malware to steal card details

14 January 2014  |  7578 views  |  0 Credit card

Target has confirmed that crooks managed to steal the card details of tens of millions of customers by infecting its point-of-sale terminals with malware.

In an interview with CNBC, Target chairman and CEO Gregg Steinhafel revealed "there was malware installed on our point-of-sale registers" which has since been removed.

The malware enabled crooks to steal the details of around 40 million customer cards and the personal information - including names, mailing and e-mail addresses, and phone numbers - of another 70 million.

While Target is working with law enforcement agencies to figure out how the attack was conducted and who was behind it, a massive damage limitation campaign is also underway in a bid to assure customers that it is safe to shop at the retailer.

Full page adverts have been taken out in major newspapers apologising for the breach, with Steinhafel vowing: "We are determined to make things right, and we will."

The company has also committed $5 million to set up a coalition dedicated to educate consumers about cybersecurity and the dangers of phishing scams. The National Cyber-Forensics and Training Alliance, National Cyber Security Alliance and Better Business Bureau have all signed on.

The fall out from the breach is likely to hit target hard, with Putnam Bank the first to file a suit against the chain, claiming that the security breakdown forced the bank to issue customer alerts and new cards, while reimbursing account holders for losses. Separately, JPMorgan has confirmed that it replaced two million customer payment cards in the wake of the breach.

Meanwhile, House of Representative Democrats have called for a congressional inquiry into the data breach. Following the lead of Senate colleagues, 17 Democrats wrote to Financial Services Committee chairman Jeb Hensarling, asking for the hearing.

In a statement, Hensarling says: "The House Financial Services Committee has held, and will continue to hold, hearings on the security of information collected by these agencies and financial institutions and will continue to press for accountability of all those who collect personal consumer data."

In the last few days it has emerged that Target is not the only retailer to have been hit by hackers in recent weeks. Neiman Marcus Group has admitted that crooks have compromised its systems and made off with customer card details, while several other merchants are reported to be preparing to go public with their own breaches.

The news has led to calls for an industry-wide switch to chip-based EMV cards in the US, with MasterCard the latest to weigh in. In a a letter to financial institutions, merchants and other customers, Chris McWilton, MasterCard president, North America, outlined the company's commitment to maintaining the current timeline and liability shift milestones for the U.S. EMV-Chip migration. 

While there has been some questions on how the current uncertainty regarding US debit routing requirements may impact the implementation of EMV, McWilton outlined the need to maintain progress toward the upgrade of the US market that will "drive both innovation and security for all of us and, more importantly, consumers and cardholders…As we've seen recently, the fraudsters will not delay their activities."


Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Hackers compromise Neiman Marcus customer card data

Hackers compromise Neiman Marcus customer card data

13 January 2014  |  4755 views  |  0 comments | 6 tweets | 3 linkedin
Target raises numbers hit by data breach from 40 million to 70 million

Target raises numbers hit by data breach from 40 million to 70 million

10 January 2014  |  6039 views  |  1 comments | 11 tweets | 6 linkedin
Target says 40 million cards may have been compromised in data breach

Target says 40 million cards may have been compromised in data breach

19 December 2013  |  10440 views  |  2 comments | 11 tweets | 12 linkedin

Related company news


Related blogs

Create a blog about this story (membership required)
visit www.nextgenbanking.co.ukvisit www.swift.com/your-needs/instant-paymentsVisit http://info.nice.com

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
11675 views comments | 16 tweets | 12 linkedin
ABN Amro moves escrow accounts to the blockchainABN Amro moves escrow accounts to the bloc...
9288 views comments | 15 tweets | 13 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
9124 views 10 comments | 22 tweets | 26 linkedin
Coinbase and Visa at loggerheads over erroneous charges on customer crypto accountsCoinbase and Visa at loggerheads over erro...
7774 views comments | 13 tweets | 11 linkedin
FCA explores creation of global sandboxFCA explores creation of global sandbox
7198 views comments | 19 tweets | 18 linkedin

Featured job

to £100K base, double OTE, benefits
London, UK

Find your next job