Target Data Breach Now 110 Mil Cards - Neiman Marcus Hacked Too



It goes from bad to worse. The initial 40 million turns out to be really 110 million. Apparently the forensics team discovered that another 70 million cards were exfiltrated. Then the news broke about Neiman Marcus and three other major, as yet unknown retailers, hit with techniques similar to the one used on Target: RAM scraping, which looks at data while it travels through the memory of a computer.

Since these hacks seem to coincide in time, you would assume that the same eastern European cyber mafia was behind this record cyberheist. Next, the possibility comes to mind that these retail chains might even use the same point-of-sale vendor, and that this vendor could have been penetrated even before Target, Neiman Marcus and the others.

Some conclusions:

  1. If you process a lot of consumer data year-round, the safest play is to assume you are already hacked and that you need to find and root out the perpetrators.
  2. If one of your IT vendors has been breached, you might very well suffer the adverse effects of that. If you can, get them audited for their IT security.
  3. It is assumed the Target hackers are eastern European, since the stolen data surfaced there and is for sale by a man living in Odessa, Ukraine. That means they likely came in via spear-phishing, and providing mandatory and effective security awareness training for all employees is becoming a must.

Why? "They steal and combine what was stolen in previous breaches," said Avivah Litan, a fraud analyst at technology research company Gartner. "There are warehouses of information on people and dossiers. Now we've got John's credit card, his address, his phone number... they do put it together and sell entire profiles on people." And those profiles can be used to create very convincing and sophisticated spear-phishing attacks.

 



