Target Ignored Data Breach Warning Signs

Target this week acknowledged that it probably could have done more to prevent a hack that impacted up to 70 million shoppers.

"With the benefit of hindsight, we are investigating whether, if different judgments had been made the outcome may have been different," a Target spokeswoman said in a statement.

News of the Target breach emerged in December and impacted those who used credit or debit cards in U.S. Target stores between Nov. 27 to Dec. 15. The retailer said the breach affected 40 million credit and debit card numbers, as well as the personal information of up to 70 million individuals.

The hack is in the news again this week after a Bloomberg BusinessWeek article said that Target ignored warnings about a possible intrusion. The report says Target used a malware detection tool from FireEye, and that the product picked up on sketchy behavior in late November. Target was notified "and then ... nothing happened," according to BusinessWeek.

In speaking with former Target employees who know the company's security system, they discussed "an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes," the magazine reported.

In a blog post, FireEye said it is company policy "to not publically identify our customers and, as such, we cannot validate or comment on the report's claims that Target" is a customer.

In a statement today, the Target spokeswoman admitted that Target "learned that after these criminals entered our network, a small amount of their activity was logged and surfaced to our team. That activity was evaluated and acted upon. Based on their interpretation and evaluation of that activity, the team determined that it did not warrant immediate follow up."

"Our investigation is ongoing and we are committed to making further investments in our people, processes and technology with the goal of reinforcing security for our guests," Target concluded.

Target is not the only firm to fall prey to a major hack: Neiman Marcus and Michaels, among others, have also been compromised, and reports indicate that Neiman also ignored numerous warnings.

For more, check out PCMag Live in the video below, which discusses Target's breach.

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio