Target

Target

In 2013, a sophisticated cyber attack on Target resulted in the exposure of 41 million payment cards and the contact information of approximately 70 million customers. This cyber assault was initiated through a spear phishing operation targeting a third-party vendor, aimed at acquiring user credentials. Once the attackers had breached Target's defenses, they deployed malware designed to capture customer data during transactions over a two-month period. The aftermath of this breach was profound, leading to the departure of the CEO and culminating in Target agreeing to pay fines totalling $18.5 million to settle claims from across the country. Ultimately, the breach led to the company incurring around $290 million in costs, encompassing fines, remediation efforts, consulting fees, and more.

Source: https://arcticwolf.com/resources/blog/10-major-retail-industry-cyber-attacks/

TPRM report: https://scoringcyber.rankiteo.com/company/target

"id": "tar600050524",
"linkid": "target",
"type": "Breach",
"date": "02/2014",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': '70 million',
                        'industry': 'Retail',
                        'name': 'Target',
                        'size': 'Large',
                        'type': 'Retail'}],
 'attack_vector': 'Spear Phishing, Malware',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '111 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Payment card information',
                                              'Customer contact information']},
 'date_detected': '2013',
 'description': 'In 2013, a sophisticated cyber attack on Target resulted in '
                'the exposure of 41 million payment cards and the contact '
                'information of approximately 70 million customers. This cyber '
                'assault was initiated through a spear phishing operation '
                'targeting a third-party vendor, aimed at acquiring user '
                "credentials. Once the attackers had breached Target's "
                'defenses, they deployed malware designed to capture customer '
                'data during transactions over a two-month period. The '
                'aftermath of this breach was profound, leading to the '
                'departure of the CEO and culminating in Target agreeing to '
                'pay fines totalling $18.5 million to settle claims from '
                'across the country. Ultimately, the breach led to the company '
                'incurring around $290 million in costs, encompassing fines, '
                'remediation efforts, consulting fees, and more.',
 'impact': {'data_compromised': ['41 million payment cards',
                                 "70 million customers' contact information"],
            'financial_loss': '$290 million',
            'payment_information_risk': 'High'},
 'initial_access_broker': {'entry_point': 'Third-party vendor'},
 'motivation': 'Financial Gain',
 'regulatory_compliance': {'fines_imposed': '$18.5 million'},
 'title': 'Target Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Third-party vendor credentials'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.