Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Build Apps 5x Faster
For Half the Cost
Enterprise Cloud Computing

On Force.com
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Target Facing Class Action Suit Over Data Breach
Target Facing Class Action Suit Over Data Breach

By Jennifer LeClaire
December 20, 2013 9:57AM

    Bookmark and Share
Discount retailer Target has likely invested heavily in security technologies and approaches to prevent such massive data breaches. But because today’s threats are quickly outpacing current security technologies and approaches, the technologies Target put into place to thwart breaches of its network are becoming outdated and ineffective.
 



In the wake of a data breach that exposed the personal identifying information of 40 million Target consumers, a customer has filed a lawsuit against the discount retailer in a San Francisco federal court. Attorneys are seeking class action status.

The lawsuit claims negligence and invasion of privacy. The suit also alleges the stolen data may make it possible for criminals to create counterfeit credit cards by encoding the stolen information onto plastic cards that contain a magnetic strip. Finally, the suit claims the breach may also have revealed consumers’ personal debit card codes.

“Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint.

Is a Lawsuit Really Necessary?

A class action suit against Target could open up a Pandora’s Box. Security industry analysts are waiting and watching, but it seems a class action suit may be a reach considering the damages.

“I did some traditional shopping at Target between November 27 and December 15, and so I am in the affected customer set. Unfortunately, beyond canceling one's credit card -- which is a hassle -- there is not much a customer can do in such a situation,” Wolfgang Kandek, CTO of Qualys, told us.

“I have started to log into my credit card account more frequently and check my transactions, but otherwise I am trusting the fraud detection algorithms that my credit card company uses, plus their 60-day claim guarantee. It will be interesting to see how the attackers got into the network and what technical countermeasures were in place, but that will take months to surface as the forensics in such a case are extremely time consuming,” he said.

The Nature of Modern Threats

We asked Chris Petersen, CTO and co-founder of LogRhythm, a log analysis firm, for his take on the breach. He told us Target has likely invested heavily in security, in technologies and approaches many would consider modern and right. Unfortunately, he added, today’s threats are quickly outpacing current security technologies and approaches -- what was recently modern and right, is quickly becoming outdated and ineffective.

"Companies are in an arms race against determined foes, whether they be cybercriminals, hacktivists or nation states,” Petersen said. “Their only hope of defending themselves is to ensure their defenses are truly modern. In some cases, this might mandate running next generation technologies in parallel with their legacy counterparts."

As he sees it, one specific area of modern investment is an analytics-driven defense. Only until very recently could companies leverage big data to root out threats they would otherwise be blind to.

“When big data is combined with machine-based behavioral analytics, the types of threats able to evade existing defenses can be detected early, prior to a large scale breach occurring,” Petersen said. “When networks are infiltrated and systems inappropriately accessed, normal behaviors within the IT environment will shift. When these behavioral shifts are recognized early, data breaches can be avoided."
 

Tell Us What You Think
Comment:

Name:

Deliberate Holes in our s:

Posted: 2014-05-30 @ 11:38am PT
I'd like to know whether the vulnerability was induced by the NSA or FBI as part of they're data gathering systems? Are we being fleeced for sake of someone else's prescribed security measures...

Jon H:

Posted: 2013-12-23 @ 7:51am PT
@Mike: Great idea!

Mike Jones:

Posted: 2013-12-23 @ 4:27am PT
Target should be required to and agree to provide free credit monitoring for a period of 18 months to those that had their information compromised.

rsa:

Posted: 2013-12-20 @ 5:29pm PT
I hate to say it but that is part of the risk we all take by using credit cards for everything. It would have been nice if they would have let us know right away when they found out though.



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Banks Hit by Android-Skirting Malware
2.   New Technology Defeats Privacy Efforts
3.   Juniper DDoS for High-IQ Networks
4.   Big DDoS Attacks Hit Record in 2014
5.   Can Google Stop Zero Day Flaws?


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.