Network Security Breach Case Study: Target Corporation
Introduction: The systems and networks of Target Corp. were breached in November 27 and December 18, 2013, which results in 40 million card numbers and 70 million personal records stolen. This became the second largest credit and debit card breach after the TJX breach in 2007. Initial breach didn’t actually occur inside Target. Instead, it occurred in a third party vendor, Fazio Mechanical Services, which is a heating, ventilation, and air-conditioning firm. At some point the Fazio Mechanical Services system was compromised by what is believed to be a Citadel Trojan which was sent via email to the company. Due to the poor security training and security system of the third party, the Trojan gave the attackers full range of power over the company’s system. Due to Target’s poor segmentation of its network, attacker gained acessed of business section. From there, th...