Following the data breach that exposed 40 million customer debit and credit card details, Target Corp. hired Verizon security experts to investigate its networks for loopholes. The evaluation by Verizon was conducted from December 21, 2013 to March 1, 2014.
Krebsonsecurity reports that the result of the confidential probe revealed that once the attackers were inside Target’s network, there was nothing to stop them from gaining complete access to every single cash register in every Target store.
Verizon found “no controls limiting their access to any system, including devices within stores such as point of sale (POS) registers and servers.”
The report also pointed out that Verizon consultants were able to directly communicate with point-of-sale registers and servers from the core network, for instance, after compromising a deli meat scale located in a different store, they were able to communicate directly with cash registers in checkout lanes.
The infiltrators first hacked Fazio Mechanical, a small heating and air conditioning firm in Pennsylvania that worked with Target, via malware delivered in an email. Following this the attackers were able to steal the virtual private network credentials that Fazio’s technicians used to remotely connect to Target’s network.
The report said, “Verizon and the Target Red Team exploited several vulnerabilities on the internal network, from an unauthenticated standpoint. The consultants were able to use this initial access to compromise additional systems. Information on these additional systems eventually led to Verizon gaining full access to the network — and all sensitive data stored at on network shares — through a domain administrator account."


Zhipu AI Raises HK$31.37 Billion in Discounted Share Sale to Accelerate AI Growth
SK Hynix Shares Drop After Strong Nasdaq Debut Despite $26 Billion ADR Listing
Nvidia Tightens AI Chip Sales in Asia With Stricter Customer Approval Process
TSMC Q2 Revenue Surges 36% as AI Chip Demand Powers Growth Ahead of Earnings
Wolfspeed Sues Navitas Over GaN and SiC Patent Infringement
Morgan Stanley Says China’s Reusable Rocket Progress Poses Long-Term Challenge to SpaceX
Apple Sues OpenAI, Former Employees Over Alleged Trade Secret Theft
OpenAI Executive Fidji Simo to Step Down Amid Health Challenges Ahead of IPO
Australia Flags Child Safety Gaps at Apple, Meta, Google Over Online Sexual Extortion
Meta Says States Seek $1.4 Trillion in Penalties Over Teen Social Media Addiction Lawsuit
Elon Musk Says Anthropic Leads AI Race as Claude Models Challenge OpenAI
SK Hynix’s $28 Billion U.S. Share Sale Draws Massive Demand Amid AI Chip Boom
Bain Capital Exits Kioxia After AI-Fueled Valuation Surge
Yaskawa Electric Shares Slide as Weak Profit Overshadows Strong AI Demand 



