Baseball91's Weblog

December 21, 2013

Target and My Credit Card

Filed under: Target — baseball91 @ 9:35 PM
Tags:

Target Logo, Sunnyvale Negligence? Target cyber security was just negligent? And how long does it take to discover something is wrong with your cyber security? And then no announcement? The announcement of the “breach” came from the outside. Former Washington Post staffer from 1995 to 2009 and leading cyber security journalist Brian Krebs first reported the breach Wednesday afternoon on his Krebs on Security blog, which covers cyber crime, privacy, and other Internet security topics.

http://krebsonsecurity.com/2013/12/cards-stolen-in-target-breach-flood-underground-markets/

Engaged in “an ongoing investigation,” Target announced on Thursday that it has fixed “the problem.” Though Target hasn’t disclosed how exactly the breach occurred, data breaches like Target’s are generally “heavily organized and sophisticated,” said expert Jason Oxman of the Electronics Transaction Association to an Associated Press writer, in a copyrighted AP story. The Electronics Transaction Association represents the payments technology industry, so take his quote with a grain of sugar; it is not likely he has any direct knowledge of what has happened.

And the “problem,” Target CEO Gregg Steinhafel said, of “unauthorized access to payment card data at our U.S. Stores,” has been “eliminated” per the Target website. Eliminated on the Target end, but not the potential problem of the 40 million people involved, like me. And why was it only at the stores in the United States?

So was this Target fraud about Inside trading? The Secret Service is still investigating the intrusion as to financial fraud, if Target thinks “the crime against Target, our team members, and most importantly, our guests,” is over.

“The fact this breach can happen with all of their security in place is really alarming,” security analyst Avivah Litan of Gartner Research told the Associated Press. She believes the theft may have been an inside job, given the millions of dollars that companies such as Target spend implementing credit-card security measures.

The inside goings-on, at retailers like Target, as the standard of care changes, and experts like Jason Oxman represents the old guard. Most European and Asian countries began adopting a new technology standard which involves placing some kind of integrated circuit into a credit card a decade ago, pushed by regulators in those countries. “With fewer places in the world where stolen data can be used, the U.S. – among the last markets to convert from the magnetic stripe – becomes more of a high-value target,” Randy Vanderhoof, director of the EMV (Europay, MasterCard and Visa) Migration Forum told theLos Angeles Times.

In July 2005 TJ Maxx exposed more than 45.7 million credit and debit cards to possible fraud which was allegedly not “detected” until December 2006, per the Associated Press. The “breach” at T.J. Maxx and Marshall’s, had began when, the Associated Press reports in their copyrighted story, one or more intruders allegedly installed code on the discount retailer’s systems, methodically collecting and transmiting account data from more than 45.7 million credit and debit cards. And no one allegedly ever noticed, the Associated Press reports. How this eight year old T.J. Max story is related to the Target story, the copyrighted Associated Press story failed to state what happened to the evil-doers and identify who did it, if the reporter even knows for sure. The copyrighted Associated Press reporter seems to think the world has stood still since July 2005, per their copyrighted story.

Inside threats. Outside threats. Was there a lot more money spent concerning shoplifting at Target than on updated credit card security? Expert Jason Oxman of the Electronics Transaction Association might want to read more about smart credit cards, which allow for greater encryption and security. Randy Vanderhoof, director of the Europay, MasterCard and Visa Migration Forum, projects the existing 15 million smart credit cards in the U. S. will grow to 50 million to 70 million cards issued in the U.S. by the end of 2014, per The Los Angeles Times.

Target Corporation officials announced a data breach regarding credit card numbers has been “identified and resolved.” In a statement, MasterCard spokesman Jim Issokson said: “The road map and larger migration has provided issuers and merchants with the flexibility to manage their business and technology decisions. The decision on if, how and when EMV will be implemented has been and will continue to be made independently by each issuer and merchant.”

“Too often a sense of loyalty depends on admiration, and if we can’t admire, it is difficult to be loyal.” — Aimee Buchanon

So Target cyber security was just neglgient for not spending the money on their own smart card system? About 33 percent of Target’s Executive Short-Term Incentive Plan depends on a financial metric called “Economic Value Add” (EVA), which measures how well Target grows sales profitably, and to update to smart cards cuts into profits.

To make up for the recent cyber problem, Target CEO Gregg Steinhafel is offering customers 10 percent off this weekend, the same discount Target workers get. In what was described as “a crime against Target, our team members, and most importantly, our guests,” yesterday Steinhafel also issued an apology — about as sincere as the apology I heard my eight-year old nephew make after deliberately popping a helium balloon. Those apologies were meant for accidents that you did not mean to do, rather than in circumstances of various degrees of negligence. This apology was meant to resolve his whole public relations ordeal.

Religion Blogs

Advertisements

1 Comment »

  1. How do they count at Target? In their massive data breach, The Christian Science Monitor reported that Target Corporation investigation determined up to 70 million people had their information, including names, mailing addresses, phone numbers or email addresses, stolen. At least 30 state attorneys general are investigating both the breach and Target’s handling of the matter.

    “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team,” said Target president, chief executive officer, and chairman Gregg Steinhafel.

    Target on Friday announced that at least 70 million people, apart from the 40 million payment card accounts previously disclosed, were victimized, CNBC reported. The Minneapolis-based company initially reported on its website on December 19th that 40 million people were “victimized,.” in a prepared statement. Target said that much of the data stolen is partial, but in situations where Target has an email address, Target said it won’t ask customers for any personal information when they attempt to contact the affected customers as they provide tips to guard against consumer scams. “I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” said Steinhafel in his heart-felt apology.

    Comment by baseball91 — January 12, 2014 @ 2:09 AM | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.