
Target breach appears to be part of broader scam


NEW YORK (AP) -- The security breach that hit Target Corp. during the holiday season appears to have been part of a broader and highly sophisticated scam that potentially affected a large number of retailers, according to a report published by a global cyber intelligence firm that works with the U.S. Secret Service and the Department of Homeland Security.

The report, made public Thursday by iSight Partners of Dallas, offers more insight into the breach at Target. That attack affected 40 million credit and debit card accounts and led to the theft of personal information, including email addresses and names, of as many as 70 million customers.

The report said that a malicious program vacuuming personal data from terminals at store check-out stations was "almost certainly derived" from BlackPOS, a crude but effective piece of software that contained malware scripts with Russian origins.

"The use of malware to compromise payment information storage systems is not new," the report said. "However, it is the first time we have seen this attack at this scale and sophistication."

Starting in June, iSight noticed the malicious software codes on the black market, the report said.

Criminals bought the original malware on the black market and then created their own attack method to target retailers' terminals at store checkout stations, iSight Partners' CEO John P. Watters said.

"It's less about the malware, but more about the sophistication of the attacks," Watters said in an interview with The Associated Press.

The report noted that because this kind of software can "cover its own tracks," it's not possible to determine the scale, scope and reach of the breach without detailed forensic analysis.

"Organizations may not know they are infected," the report said. "Once infected, they may not be able to determine how much data has been lost."

Last week, Neiman Marcus said thieves stole some of its customers' payment information and made unauthorized charges over the holidays. At the time, it said that it was working with the Secret Service on the breach.

The iSight report doesn't list the names of retailers and the intelligence firm says it can't discuss whether the malicious software specifically affected Target, Neiman Marcus and other retailers. However, the report offers the latest evidence that the attacks on Target and Neiman Marcus are related and that other retailers may have been victims of a broader data scheme.

Molly Snyder, Target spokeswoman, said that the retailer did not have any details to share on the report at this time.

Neiman Marcus Group said Thursday that, to its knowledge, customers' Social Security numbers and birthdates were not stolen in the security breach.

The luxury retailer, based in Dallas, also confirmed that customers who shopped online do not appear to have been affected, and said personal identification numbers, or PINs, were never at risk because the retailer does not require PIN pads in its stores.

Neiman Marcus's spokeswoman Ginger Reeder declined to say how many people were affected by the scam, noting that the investigation is still ongoing.

Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
