I’m sure that people will be interested in how the Target data breach happened. Here’s a recent AP story; it doesn’t provide postmortem details.


The quote:

Target hasn’t disclosed exactly how the breach occurred but said it has fixed the problem.

Given the millions of dollars that companies such as Target spend implementing credit-card security measures each year, Avivah Litan, a security analyst with Gartner Research, said she believes the theft may have been an inside job.

“The fact this breach can happen with all of their security in place is really alarming,” Litan said.

Indeed, it will be interesting to find out the root causes here – at that scale there had to be a big breakdown in technology and process…

“We have determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV.” - https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca

Krebs on Security is on the hunt for what happened after the incident, and how banks are or are not taking proactive action.

“When I mentioned that a big bank I’d spoken with had found a 100 percent overlap with the Target breach window after purchasing its available cards off a particular black market card shop called rescator[dot]la, my source at the small bank asked would I be willing to advise his fraud team on how to do the same?”


I don’t understand the statement about the “100 percent overlap” - overlap in time? of what?

…then I read the article. The bank bought a lot of stolen card data, and of those that belonged to the bank, 100% had been used at Target between 11/27 and 12/15.