In a significant breach in 2013, Target fell victim to cybercriminals who exposed payment information for 41 million customers and contact details for an additional 29 million. The attackers initiated their campaign by targeting a third-party vendor with a spear phishing attack, which was designed to steal the vendor’s credentials. With access to Target’s network, they deployed malware that allowed them to capture customer payment details over a two-month period. This attack not only led to the enormity of customer data being compromised but also had substantial financial repercussions for Target. With the total costs for the breach nearing $290 million due to legal, remediation, and consulting fees among others, this event underscores the critical need for rigorous cybersecurity measures, especially in guarding against third-party vulnerabilities. The breach prompted significant changes at Target, including the departure of its CEO and the payment of fines totaling $18.5 million to settle claims country-wide, highlighting the severe impact attacks can have on an organization's financial health and leadership.
Source: https://arcticwolf.com/resources/blog/10-major-retail-industry-cyber-attacks/
"id": "tar304050624",
"linkid": "target",
"type": "Ransomware",
"date": "04/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"