Case Study #1: The Target Data Breach of 2013
1. Watch the video in the titled “The Big Picture: Target Data Breach.”
2. In < 700 words, write a response essay that addresses the following questions/issues:
• How did hackers compromise Target’s network? How did news of the breach reach Target? How did this news get to the public? How could Target have been more proactive in its response to the breach?
• Discuss ethical issues that arose from Target’s Data breach.
• As a consumer, how do you feel about the Target breach? (If any data breach impacted you, you could write about your personal experience; if not, you can put yourself in the shoes of someone affected and write from that perspective). Does learning about such an incident impact any of your future behavior? Why or why not?
You may consult outside sources to help inform your understanding of the general themes/ideas, but you do not need to. No citations are required but beware of plagiarism! In case you are using someone else’s thoughts, then please make sure to name them.
Formatting is essential; practice using APA 7h edition student style.
The Case
About the target data breach that occurred in 2013. So first, just a little bit of background, some folks may not be familiar with target. In that case, target is a box retailer. They’re also an online retailer. Hello and welcome to an overview about the target data breach that occurred in 2013.
First, just a little bit of background. Some folks may not be familiar with target. In that case, target is a box retailer. They’re also an online retailer. They have nearly 2,000 retail locations across the us that also have retail locations in Canada and several other countries,and a growing E commerce presence, too.
In 2013, target was compromised by a major Maui attack. There was a third party vendor, a fossil mechanical that was victimized or was compromised by a fishing Email. And the fishing Email allowed hackers to access targets vendor system. And really all it took was a login and a password. So one of the lessons there is multifactor authentication is wonderful. So you maybe seen that in the notes in the lecture, notes for the security module or in the chapter. It’s really true. So multifactor authentication would have stopped this and would have and really would stop a lot of hacks online.
But the attacks started back in November of 2013 target discovered the breach. They notified the US Department of Justice but that took a couple of weeks and the story was broken by a reporter of Brian crabs who noticed a lot of unusual activity in carding forms and car carding forums are described in the textbook chapter on security, too. And that’s where hackers go in and sell and resell numbers, a credit card, basically credit card information to other hackers. They can so that someone at some point in the chain can make fraudulent purchases.Interestingly, target had a system of monitoring. They had this security system called fire eye. Fire eye is a company, and it’s also the name of the system they use. And was soon has the data breach was noticed. It was noticed when the hackers attempted to pull information off the network. The monitors in Bangalore actually saw that and they notified target headquarters in Minnesota. So it’s a little bit of a mystery there. As far as why wasn’t something done.
Yeah, but II don’t think there’s no active conspiracy theories. Anyway, a a lot of times the explanation for a situation such as this is just incompetence. So something gets sent. Miscommunications are very much a part of any large organization that certainly occurred here to put it mildly.
Another thing is that fire I did have something built into it where there was a setting that could have enabled a user to automatically disable any mower that had been detected. That setting had actually been disabled.
Now, why did that happen? There could actually be good reasons for that. Some people want to not just rely on an automatic setting, but ensure that a person is reviewing each of those disabled decisions. So that starts to get to that. But what resulted from all this?
At least 40 million credit cards were impacted. So it depends who you ask, depends which story you read. You could see a bigger number, you might see 70 million, but we get it. It’s tens of millions. It was a huge deal. It was national news for several weeks.
Now, what matters about that? Other information from customers that could have been captured through the point sale system was also compromised. So things like people’s names, their Email addresses, phone numbers, even their physical addresses, also are believed to have been breached
in this occurrence. That is troublesome, maybe. But then again, you sort of have to keep that in perspective. A lot of that information is certainly on the web in other formats, too. I also want to say, in terms of thinking about the impact, as far as individuals go, it’s important to note that the us federal law protects us consumers from any fraudulent credit card activity. So anything greater than $50 is there’s automatically a cap and no consumers can be held liable for any fraudulent charges in excess of that.
But it’s even better than that for us. Consumers because the credit card issuers, they want to keep us swiping and charging. And so if you look at all the major card issuers and you read the fine print, they’re gonna say that you the consumer are actually not responsible at all in the instance of fraud.
Again, that’s not just because they’re not because the banks and the card issuers are nice. It actually has more to do with the cost benefit analysis. How much is it worth it? How much is it worth to them to have us in the case of the payment processors swiping the cards in the case of the banks
holding balances on the cards, you weigh that against fraud. And that actually turns out that it’s very much worth it for them to have that policy because otherwise we wouldn’t use the cards.
The impact to target was that target profits were down considerably for that holiday. Season of 2013. Remember this story? Broke right? Broken December. So this is right and this is peak holiday shopping season.
So holiday profits were down 46% for that season and the target also offered credit monitoring for all the people affected by the breach. There’s another huge out of pocket costs for the company. Now, where it gets really messy is the fight between target and the banks.
The approximate cost to the bank of issuing a replacement card to a consumer is $10. And when you think that’s not so bad, but then when you scale that out, you’re looking at $400 million, at least in terms of the card replacement costs.
And the banks understandably had frustrations with target who should be responsible. Target says we’re not the bank, you’re the bank, you pay for it, and where and so there’s like some unhappiness there. Ultimately the banks do end up picking a lot, picking up a lot of these costs, but there’s an important shift that has occurred.
The chip cards, which were already the standard in several other parts of the world hadn’t been adopted widespread in the us for a few reasons. One is there was a fear that they would slow down transactions.
Retailers pushed back and then didn’t really try to get these things adopted in the us. But because of this largely because of this breach, a new law was passed. And so the chip charge became the going system that actually took a little bit of time that took a couple of years from the time of the breach. But that is now the policy. So they’re not every retailer has to use the chip systems for the cards.
Those who don’t, though, would be held responsible. So if I say as a retailer, I just don’t want to slow my consumers down, so we’re just not gonna use them. I can do that. But if a breach were to occur, and all of a sudden card details were compromised,then I’m on the hook for the replacement cost personally. So that’s a pretty strong incentive to move to the chip. There’s a unique, it’s like a little microprocessor right there in the car. And a there’s encryption that occurs between the card and the terminal that between the system that the point of sale terminal speaks to. And so it requires the presence of that shift for any impersonal transaction. So it doesn’t completely up revenge.
And an event exactly like the one that occurred from occurring again, that is just a high level overview of the targeted breach. Thank you very much.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.