Here's How Criminals Shacked Up Inside Target's System

Racked is no longer publishing. Thank you to everyone who read our work over the years. The archives will remain available here; for new stories, head over to Vox.com, where our staff is covering consumer culture for The Goods by Vox. You can also see what we’re up to by signing up here.

The fallout from Target's massive pre-holiday security breach hasn't ended yet. On Friday, the New York Times published a long article focused on exactly how Target's system was hacked, and it's pretty frightening. Meanwhile, yesterday two men were arrested in Texas with a batch of 96 cards stolen in the breach. As one police officer reported, the criminals who lifted shoppers' info are "selling the data sets by region;" the two men were holding cards of South Texas customers.

The Times report on the massive breach opens on this terrifying note:

Entering through a digital gateway, the criminals discovered that Target's systems were astonishingly open — lacking the virtual walls and motion detectors found in secure networks like many banks'. Without those safeguards, the thieves moved swiftly into the company's computer servers containing Target's customer data and to the crown jewel: the in-store systems where consumers swipe their credit and debit cards and enter their PINs.

Whoever was behind the attack then stored the stolen data on a 'infected' server inside Target's system, moving it off to a web server every six days. Malware helped them to cover their tracks and skirt virus protection software. Experts predict that the fallout will cost retailers and banks some $18 million and that consumers could be responsible for an additional $4 million in losses.
· A Sneaky Path Into Target Customers' Wallets [NYT]
· Cards From Target Breach Being Sold in Custom Sets, Police Say [NYT]
· Target Breach Actually Worse Than Previously Thought [Racked]
· Target Confirms Encrypted PINs Were Stolen As Well [Racked]