Home Depot could be the latest major company to have customer credit card data siphoned off and sold online. Security researcher Brian Krebs writes that multiple banks have said the chain might be the source of a batch of credit and debit cards currently being sold in an online black market. "I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate," said Home Depot spokesperson Paula Drake in a statement to Krebs, saying that it was too early to tell whether there had in fact been a breach.

Krebs believes a Home Depot hack could have been carried out by the same …

Read the full story at The Verge.

The hack that cost Target and its partners more than $200 million may have caused even more damage than we thought. The New York Times is reporting that the same malware used in the attack also targeted more than a thousand other US businesses, based on a new assessment from the Secret Service. Known as Backoff malware, the attack allows hackers to monitor all the information passing through checkout computers, including customer credit cards. UPS and Supervalu have both announced they were affected by the attacks, but many others have yet to come forward.

It's unclear how many distinct attackers are responsible for the various breaches, bu …

Read the full story at The Verge.

Five months after a data breach that compromised credit card data for 40 million customers, Target CEO Gregg Steinhafel has agreed to step down from his position running the retail giant. Steinhafel is also stepping down from his positions as president and chairman, and giving up his seat on the board of the company. Chief Financial Officer John Mulligan is expected to take over as president until a successor can be found. In March, the company's chief technology officer resigned over the breach.

No one from Target has officially linked Steinhafel's departure with the data breach, but given the timing, there's little doubt that the scandal …

Read the full story at The Verge.

The security breach that compromised 40 million credit card numbers and data of 70 million Target customers last December could end up a part of a cybercrime film produced by Sony and based on security researcher Brian Krebs who broke the story. According to The Hollywood Reporter, Sony's purchased the rights to "Reporting From the Web's Underbelly," a profile on Krebs published last month in The New York Times.

Guns, drugs, and fake murder charges

That piece went behind the scenes about Krebs' uncovering of the security breaches against Target, Adobe, and Neiman Marcus. It also detailed peculiar aspects of Krebs' life, like his penchant for …

Read the full story at The Verge.

In the wake of a December security breach that put up to 40 million credit card numbers and 70 million more pieces of customer contact information in the hands of hackers, Target has been doing damage control. It's installed new credit card security systems, and its chief operating officer resigned in early March. But according to a report from Bloomberg Businessweek, the company's state-of-the-art security system detected the hack as soon as it started - and did nothing. Instead, it took two weeks and a warning from federal investigators to plug the hole.

"The security system sent out more alerts, each the most urgent on FireEye's graded sc …

Read the full story at The Verge.

Target's head of technology handed in her resignation today, months after the company suffered one of the largest data breaches in retail history. Beth Jacob, who has served as Target's chief information officer and executive vice president of technology services since 2008, is vacating both positions and departing the company immediately. According to CEO Gregg Steinhafel, the retailer has already launched a search for an interim CIO to help steer Target through a major security overhaul. "While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly," Steinhafel sa …

Read the full story at The Verge.

Last year's cyberattack on US retail giant Target in which up to 40 million credit cards were compromised and up to 70 million names, email addresses, and phone numbers were stolen - has cost banks and credit unions more than $200 million.

The Consumer Bankers Association (CBA) and the Credit Union National Association (CUNA) have replaced 21.8 million cards, more than half of those compromised in the attack. The cost to CBA member banks has now reached $172 million, while credit unions have spent $30.6 million. Both figures have increased from original estimates of $153 million and $25 million respectively, and still don't take into accoun …

Read the full story at The Verge.

Target's security staff may have been aware of vulnerabilities in the retailer's systems months before a massive breach compromised data on millions of shoppers. The Wall Street Journal reports that at least one internal analyst had called for a thorough review of the defenses around Target's payment terminals, which were later infiltrated during the sophisticated attack. That request was initially "brushed off" according to the Journal. It's unclear if a review was eventually granted before hackers made off with 40 million debit and credit card numbers - and a wealth of other customer information. The specific nature of those concerns are a …

Read the full story at The Verge.