"Six months [before the attack, Target] began installing a $1.6 million malware detection tool made by the computer security firm FireEye (FEYE), whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target’s security operations center in Minneapolis would be notified.
On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then …Nothing happened.
For some reason, Minneapolis didn’t react to the sirens.Target employees familiar with the company’s data security operation, as well as eight people with specific knowledge of the hack and its aftermath, including former employees, security researchers, and law enforcement officials. The story they tell is of an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes."
- http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data
Home Depot security hack: What to do if your cards are breachedhttp://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data
JPMorgan hack exposed data of 83 million, among biggest breaches in historyhttp://www.cbc.ca/news/business/home-depot-security-hack-what-to-do-if-your-cards-are-breached-1.2760773
http://www.reuters.com/article/2014/10/02/us-jpmorgan-cybersecurity-idUSKCN0HR23T20141002
JPMorgan hack exposed data of 83 million, among biggest breaches in history
(Reuters) - Names, addresses, phone numbers and email addresses of the holders of some 83 million households and small business accounts were exposed when computer systems at JPMorgan Chase & Co (JPM.N) were recently compromised by hackers, making it one of the biggest data breaches in history.
The bank revealed the scope of the previously disclosed breach on Thursday, saying that there was no evidence that account numbers, passwords, user IDs, birth dates or Social Security numbers had been stolen.
It added that it has not seen "unusual customer fraud" related to the attack which exposed contact information for 76 million households and 7 million small businesses.
The people affected are mostly account holders, but may also include former account holders and others who entered their contact information at the bank’s online and mobile sites, according to a bank spokeswoman.
Security experts outside of the bank warned that the breach could result in an increase in crime as scammers will likely attempt to use the stolen information to engage in various types of fraud.
The bank's customers should be on heightened alert for fraud, said Mark Rasch, a former federal cyber crimes prosecutor.
"All of this data is useful to hackers and identity thieves," he said. "The kind of information that was stolen is not sensitive itself, but is frequently used to validate people's identities."
Tal Klein, vice president with the cybersecurity firm Adallom, said that the breach could undermine confidence in the security of banks and other companies that people assume are well protected from hackers.
"Criminals could literally take on the identities of these 83 million businesses and people. That's the biggest concern," he said.
"Until now the assumption has been that the companies that get breached are the ones that have poor security practices, but we know that JPMorgan had a good security program and that they invest heavily in this area," he said. "So what we are waking up to is that the fundamental nature of security is broken."
Still, JPMorgan advised customers on its website that it does not believe they need to change their passwords or account information.
Company spokeswoman Patricia Wexler said that the bank is not offering credit monitoring to its customers because no financial information, account data or personally identifiable information was compromised.
At the end of August, JPMorgan said it was working with U.S. law enforcement authorities to investigate a possible cyber attack. As with home break-ins, it can take victims of data attacks months to discover what, if anything, is missing.
(Reporting by Tanya Agrawal in Bangalore, David Henry in New York and Jim Finkle in Boston.; Editing by Ted Kerr and Bernard Orr)