Postmortems

"On Saturday, Nov. 30,

"On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then …

Nothing happened.

For some reason, Minneapolis didn’t react to the sirens."

Originally shared by Lauren Weinstein

“Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It”
http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data