Archived KrebsOnSecurity Breaks Story on Target Data Breach

[commiecorvus]

HI Jim
Welcome to The Break Room.

No need to shout.
We see you.

But yea, there are a lot of useful links and he does get some great inside stuff.
He also had a rather viscous battle with Target which probably explains some of his attitude.
In a way I don't blame him but at the same time I think he could get his message across better and not alienate people if he kept it more professional.

I have my own anger issues when it comes to Spot but I try to keep my posts as level headed as possible.
It doesn't always work but I try.

 

[Hardlinesmaster]

Welcome, Jim!

 

[mrknownothing]

The latest from the other guy:
http://targetfiling.blogspot.com

===============================================================
:excited:
I spent about 40 min looking at the top of the blog, it seems to go on forever, but it also has a load of links to articles and sites as well as about a half dozen others which are probably his work.

Isn't this the guy who got sued by Spot for putting up some 'confidential' info from Target? If so it might explain his dislike for the company.

Welcome to The Break Room!

 

[redeye58]

Isn't this the guy who got sued by Spot for putting up some 'confidential' info from Target? If so it might explain his dislike for the company.

I'd like to think he got dumped by a gal who worked at Target.
Spot does like to defend their turf, tho.
Heck, even THIS site was sued after info that was deemed 'corp property' was posted so the mods are meticulous about keeping TBR out of trouble with spot.

 

[HardlinesFour]

I'd like to think he got dumped by a gal who worked at Target.

I think it had to do with a Blender he bought off Clearance, and got mad after his return was rejected because it was "used"... lol 😛

 

[antivibe]

Always so charming......not!

But, he does have some good info.

But it's hard to take seriously with all of the childish, incessant name calling.

I stopped reading after seeing the word "Tarbutt"

 

[Iheartplanograms]

Who is angry for that long? I don't even remember 2006.

 

[HardlinesFour]

I stopped reading after seeing the word "Tarbutt"

I think thats a Target nickname for a um, nevermind 😉 😛

 

[HardlinesFour]

Who is angry for that long? I don't even remember 2006.

It was a pretty good year. The Job market was strong, gas prices were extra low in the $1 range, I think in general everything was just, well, better 🙂

I miss those days...

 

[HardlinesFour]

I spent about 40 min looking at the top of the blog, it seems to go on forever, but it also has a load of links to articles and sites as well as about a half dozen others which are probably his work.

Isn't this the guy who got sued by Spot for putting up some 'confidential' info from Target? If so it might explain his dislike for the company.

Hi Evan! I see you decided to sign up again, after yet another Ban, and calling me a idiot on your little blog. I think it's time to say Bye-Bye to my family here.

I want you guys to realize, Evan is posting copyrighted, internal company information on his personal site. By us promoting him, on this forum, TBR site owner & admin (Formina Sage) is put at risk of being held liable for anything he posts.

 

[oath2order]

How much does everyone want to bet they got more than just "Names and E-mails"?

This is what I've been saying to my coworkers.

There's more to come, I just know it.

 

[Hardlinesmaster]

How much does everyone want to bet they got more than just "Names and E-mails"?

This is what I've been saying to my coworkers.

There's more to come, I just know it.

I am watching that closely, too. I am still thinking that the bad guys got into ehr, too.

 

[neversaynever]

Ohhhh, apparently Reuters said today there are MORE that were hacked this holiday season!!!

Now they can tell us how deep our info breached was....

I"d go find a better link - but I'm supposed to be painting not reading my facebook feed.

http://gizmodo.com/report-holiday-hackers-attacked-at-least-three-other-m-1499657812

 

[RhettB]

Here's one.

http://www.reuters.com/article/2014/01/12/us-target-databreach-retailers-idUSBREA0B01720140112

 

[odie]

Today, Greg somewhat ridiculously tried to justify not disclosing this crisis for four days: http://www.cnbc.com/id/101329300

The worst part is that, if I understand his statement correctly, It wasn't safe to use a card until six p.m. that Sunday, which means that he admitted that they knew of the breach, yet allowed people to continue using cards that entire day. You would think that our entire debit and credit system would have been turned off that day to protect any further data theft. To allow consumer data to continue to be stolen sounds like criminal negligence to me. Furthermore, It's appalling that employees didn't even get a warning not to use cards on that day. They cared more about making that extra bit of money rather than protecting their consumers and employees.

 

[Softlines Owns My Soul]

Today, Greg somewhat ridiculously tried to justify not disclosing this crisis for four days: http://www.cnbc.com/id/101329300

The worst part is that, if I understand his statement correctly, It wasn't safe to use a card until six p.m. that Sunday, which means that he admitted that they knew of the breach, yet allowed people to continue using cards that entire day. You would think that our entire debit and credit system would have been turned off that day to protect any further data theft. To allow consumer data to continue to be stolen sounds like criminal negligence to me. Furthermore, It's appalling that employees didn't even get a warning not to use cards on that day. They cared more about making that extra bit of money rather than protecting their consumers and employees.

That is ALWAYS. That is their MO. Watch the orientation video..best with guests, best with employees, best with SHAREHOLDERS. They put that in the freaking orientation. There is clearly an emphasis on being the best with shareholders, then maybe the guests, but definitely not the employees. That's fine, they are publicly traded and are certainly allowed, but at what cost?

 

[oath2order]

Ohhhh, apparently Reuters said today there are MORE that were hacked this holiday season!!!

Now they can tell us how deep our info breached was....

I"d go find a better link - but I'm supposed to be painting not reading my facebook feed.

http://gizmodo.com/report-holiday-hackers-attacked-at-least-three-other-m-1499657812

Macys and Sears maybe?

I know they're not in malls but I would just die if Walmart got hacked too.

Today, Greg somewhat ridiculously tried to justify not disclosing this crisis for four days: http://www.cnbc.com/id/101329300

The video on that link started auto-playing. "We are in the middle of a criminal investigation."

The fact that they enabled the hackers to get more data by not stopping card transactions is criminal. Maybe aiding and abetting.

 

[redeye58]

Sears & Kmart were hit 2 yrs ago I believe.
JCPenney was hit recently.
TJMaxx was hit back in 2005 but it took them well over a year to catch on.
Currently the banks are stopping much of it but it's what THEY should be doing any way since they refuse to upgrade the card read system. Most of the cards used throughout Europe are microchip-embedded but US banks won't switch unless someone else picks up the tab of replacing every ATM in the country.
Every. Single. One.

 

[oath2order]

Sears & Kmart were hit 2 yrs ago I believe.
JCPenney was hit recently.
TJMaxx was hit back in 2005 but it took them well over a year to catch on.
Currently the banks are stopping much of it but it's what THEY should be doing any way since they refuse to upgrade the card read system. Most of the cards used throughout Europe are microchip-embedded but US banks won't switch unless someone else picks up the tab of replacing every ATM in the country.
Every. Single. One.

So we're going to be stuck with the crappy ATMs and non-microchip cards we have right now forever then?

 

[TargetMitchell]

The credit monitoring sign-up page is now live.

https://creditmonitoring.target.com

 

[Hardlinesmaster]

Rj, go under your edit post. Look to the bottom right corner.

 

[sigma7]

I'm just wondering who these three other retailers are that got hacked besides us and NM...

 

[Retail Girl]

They probably won't say. I found it interesting that when JC Penney and Target were hacked in 2007, that it took them two years to come forward.

 

[RhettB]

They probably won't say. I found it interesting that when JC Penney and Target were hacked in 2007, that it took them two years to come forward.

How long will it take HQ to disclose if employee data was hacked?

 

[Retail Girl]

They probably won't say. I found it interesting that when JC Penney and Target were hacked in 2007, that it took them two years to come forward.

How long will it take HQ to disclose if employee data was hacked?

By law they have to if social security numbers were compromised. But the time frame? I have no idea.