Target's Data Breach 2013

354 Words2 Pages

In December 2013, about a hundred and ten million people’s personal information had been compromised, because of a data breach in Target’s systems. The information included names, phone numbers, email, mailing addresses, and credit/debit card information. Target’s data breach had happened between November 27 and December 15, although they not known about the breach until several weeks later. Almost every Target customer has a debit or credit card, which contains their information that is stored on the magnetic stripes located on the back of the card. The attackers made their way into Target’s systems by taking over a third-party vendor, which happen to be Fazio Mechanical, a refrigeration contractor. The hackers would gain the information …show more content…

As results of the breach Target has agreed to reimburse customers some of their financial institutions; the company has estimated the breach to cost one hundred and sixty-two million dollars. Although Target has not able to reach an agreement with MasterCard regarding the data breach and the finical institutions. After the breach had happen it has caused Target to try to improve their security measures. To insure that a data breach would not happen again they: improved monitoring and logging of system activity, installed application whitelisting POS system, implemented POS management tools, Improved firewall rules and policies, limited or disable vendor access to their network, expanded the use of two-factor authentication and password vaults, and trained individuals on password rotation. The company as well disable, reset, or reduced privileges on over 445,000 Target employees and contractor accounts. As the result of Target’s data breach, customers enraged at the fact they had trouble contacting about the count through Target’s website and call center. Some customers would be notified about attempts on their credit card through anti-fraud units and will not be shopping at Target till the breach has been fixed or the perpetrator has been