Data security firm says Target customers victims of two-stage attack

Jan. 17, 2014 at 2:00 PM
| License Photo

MINNEAPOLIS, Jan. 17 (UPI) -- The hack compromising millions of Target customers in the United States occurred in two distinct phases, a Silicon Valley data security company said.

"First, the malware that infected Target's checkout counters [point of sale] extracted credit numbers and sensitive personal details," Seculert's research lab officials posted Thursday in a blog after running a sample of the malware. "Then, after staying undetected for six days, the malware started transmitting the stolen data to an external FTP [file transfer protocol] server, using another infected machine within the Target network."

The transmissions occurred during a two-week period beginning Dec. 2, the blog said.

Seculert, based in Menlo Park, Calif., said none of the stolen Target data was still on the external server and an analysis of publicly available access logs indicates Target was the only retailer affected.

Minneapolis-based Target first revealed the data breach in December during the height of the holiday shopping season. It first said debit card and credit card data from up to 40 million customers were compromised -- then on Jan. 10 said a separate attack stole data from up to 70 million more customers.

Like Us on Facebook for more stories from UPI.com  
Related UPI Stories
Latest Headlines
Top Stories
Kuwait orders NBC reconnaissance vehicles
Netherlands orders Bushmaster armored vehicles
Royal Navy ships receiving maintenance services in Bahrain
RADA Electronics receives radar order
Sony unveils crowdfunding site to gain momentum for new products