Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Target Hackers Tapped Vendor CredentialsTarget Hackers Tapped Vendor Credentials
Investigators suspect that BMC software, Microsoft configuration management tools, and SQL injection were used as hacking tools and techniques in Target's massive data breach
1 Min Read
Target said Wednesday that the hackers who attacked the company employed access credentials that were hardcoded into a product used by the retailer.
"We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor's credentials which were used to access our system," Target spokeswoman Molly Snyder said Thursday via email.
Target declined to identify the vendor whose credentials attackers had obtained, though confirmed that the attack vector has been blocked. "As we have previously shared, we confirmed the breach on December 15 and were able to eliminate the malware and close the access," she said. "Since that time we have taken extra precautions such as limiting or updating access to some of our platforms while the investigation continues."
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author
You May Also Like
More Insights
Webinars
Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025
