What You Should Know about the Cyber Attacks on Retailers
Over the past few weeks our newsfeeds have been flooded with updates on the recent data breaches at Target, Neiman Marcus, and Michaels. What it all means has been difficult for many of us to follow due to the complexity and scale with which the hackers attacked these retailers and their customer data. Digital Citizens wants to address some of the questions surrounding these events.
First, who’s at fault?
In one sense, the answer is simple: the hackers. Target is doing everything possible to minimize the damage and inconvenience for its customers, but that shouldn’t be interpreted to mean the company is at fault. Target is also a victim, and no matter how good its security measures, any organization that hosts information electronically is at risk for cyber attacks. Hackers have access to continually evolving tools and technologies designed specifically for that purpose, and keeping up with the technologies is a significant challenge.
In another sense, the answer is more difficult. The identities of the hackers are still in question, but authorities do know a couple of things: they are specific and they are sophisticated. William Noonan, the deputy special agent in charge of criminal investigations of cybercrimes, told a House subcommittee, “The malware used to infect the computers’ systems were not off the shelf.” One Member of Congress responded with, “So it was specifically designed for Target.”
There is one potential lead, however. One security firm claims it has found the mastermind behind the malware that penetrated Target’s security wall—and he is younger than you might have expected. Business Insider reports that cyber security firm, IntelCrawler, which is based out of Los Angeles, has pinned a 17-year-old with “roots” in St. Petersburg with creating the code.
Second, how did it happen and what is Target doing about it?
From the public’s perspective, it started with the revelation from Target that millions of people could have been affected by a massive data breach. We now know that hackers likely stole customer information via a third party vendor. We give kudos to Target for acting swiftly and being transparent throughout the process so far, as well as taking steps to ensure their customers have the resources they need to be and feel safe once again. Here are a few things you should know:
- Free Credit Monitoring: Target is offering one year of free credit monitoring to all victims of this attack.
- Monitor your bank statements: Financial institutions have issued new credit and debit cards to affected consumers. If you see suspicious activity on your bank statements, call your institution immediately.
- Businesses are investing resources to educate consumers: Target, for instance, has committed millions of dollars to help educate consumers on the threats of online scams.
- Your Social Security Numbers Are Safe: The recent credit card hacks did not compromise individual social security numbers.
- You are not responsible for fraudulent charges: Either your bank or Target has that responsibility.
More information on what Target is doing can be found on their website.
Big questions still remain about who is behind the recent big retail attacks. Given so many of them happening in recent succession, it appears this may be a coordinated effort by the same people. But it might also be a series of copycat or individual attacks that simply have suspicious timing. It will take time for law enforcement authorities and security experts to unravel the full story. Digital Citizens will continue to follow the issue and let you know what we learn—and what you can do.