Target reported Friday that the cyber thieves compromised the credit card data and personal information of as many as 110 million customers. That data includes phone numbers, email and home addresses, credit and debit card numbers, PINs, expiration dates and magnetic strip information.
"The Secret Service will confirm that it is investigating this incident," spokesman Brian Leary said. "It is an ongoing investigation and we can provide no further comment."
The U.S. Secret Service leads an Electronic Crimes Task Force that brings together federal, state and local law enforcement, prosecutors, computer experts and academics to detect and trace attacks on the nation's financial and computer networks, including identity theft, credit card fraud and bank fraud.
While police hunt for the cyber criminals, attorneys general nationwide say they will look more closely at whether Target provided enough protection for its customers.
"Consumers in New York and around the country expect and deserve companies that protect their personal information when they shop on their websites and in their stores," New York Attorney General Eric Schneiderman said in a statement.
North Carolina Attorney General Roy Cooper said his state would also join the investigation and is seeking information from Target about how many North Carolina consumers may be exposed. Criminals with contact information can target consumers with telemarketing scams, identity theft and phishing, Cooper said.
North Carolina law requires businesses to notify customers and the attorney general if their personal information is compromised.
"Putting millions of people's personal information at risk is unacceptable," Cooper said. "Companies must do a better job of protecting their customers if t! hey want to earn their business and their trust."
Target has offered free credit monitoring and identity theft protection to its customers.
Donna L. Wilson, a litigation partner at Manatt, Phelps & Phillips in Los Angeles who specializes in consumer protection, data security and privacy, says she repeatedly urges clients to invest in top-notch security.
"I tell clients it is not a matter of it it's going to happen. It's when and how many times," Wilson said. "These are literally surprise attacks and the risk absolutely does change every day."
The challenge for companies is trying to predict how a cyber criminal will attack next, she said.
"Oftentimes, with data security, you find yourself planning for the last war and trying to anticipate what's happening in the future," Wilson said.
Computer investigators will examine computer logs and access points to figure out how the cyber thieves breached security and stole the data, but, like most criminals, they would take steps to cover their tracks, says Tony Anscombe, senior security evangelist for AVG Technologies, a Netherlands-based company that produces computer protection and privacy software.
"Cyber criminals have gotten very clever in that way," Anscombe says. Cyber criminals "can employ very good people to look for back doors, vulnerabilities. It's an ever changing game."
No comments:
Post a Comment