In 2013, Target experienced a severe cyber attack that exposed the payment card information of 41 million customers and the contact information for approximately 70 million customers. The breach was orchestrated via a spear phishing attack aimed at a third-party vendor, which allowed the attackers to compromise Target's network and install malware. This malware was then used to capture customer data over two months. The financial repercussions of the attack were substantial, with the overall cost to Target being approximately $290 million. This included fines, remediation efforts, consulting fees, and other various expenses. The breach not only resulted in significant financial losses but also led to the departure of Target's CEO and harmed the company's reputation among consumers.
Source: https://arcticwolf.com/resources/blog/10-major-retail-industry-cyber-attacks/
TPRM report: https://scoringcyber.rankiteo.com/company/target
"id": "tar307050624",
"linkid": "target",
"type": "Cyber Attack",
"date": "12/2013",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '70 million',
'industry': 'Retail',
'location': 'United States',
'name': 'Target',
'type': 'Retailer'}],
'attack_vector': 'Spear Phishing',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': ['41 million', '70 million'],
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Payment card information',
'Contact information']},
'description': 'In 2013, Target experienced a severe cyber attack that '
'exposed the payment card information of 41 million customers '
'and the contact information for approximately 70 million '
'customers. The breach was orchestrated via a spear phishing '
'attack aimed at a third-party vendor, which allowed the '
"attackers to compromise Target's network and install malware. "
'This malware was then used to capture customer data over two '
'months. The financial repercussions of the attack were '
'substantial, with the overall cost to Target being '
'approximately $290 million. This included fines, remediation '
'efforts, consulting fees, and other various expenses. The '
'breach not only resulted in significant financial losses but '
"also led to the departure of Target's CEO and harmed the "
"company's reputation among consumers.",
'impact': {'brand_reputation_impact': "Significant harm to the company's "
'reputation',
'data_compromised': ['Payment card information of 41 million '
'customers',
'Contact information of 70 million customers'],
'financial_loss': '$290 million',
'payment_information_risk': 'High'},
'initial_access_broker': {'entry_point': 'Third-party vendor'},
'motivation': 'Financial Gain',
'title': 'Target Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Third-party vendor access'}