January 31, 2014 - Major retailer Target has claimed the recent attack by cyber criminals on its payment terminals was possible after vendor credentials were stolen.
The attack resulted in the theft of around 40 million credit and debit card records and 70 million other records such as customer addresses and telephone numbers.
"The ongoing forensic investigation has indicated that the intruder stole a vendor's credentials, which were used to access our system," Target spokeswoman Molly Snyder said in a statement.
She declined to elaborate on what type of credentials were taken, who the vendor was, or to provide other details.
Paul Ayers, vice president EMEA at enterprise data security firm Vormetric, said the situation is a clear example of how compromised credentials can be used by hackers to cause chaos.
"The user credentials hijacked by the hacker(s) created a covert entry point from which they were able to abuse the access privileges it afforded them in the first instance and then move laterally, undetected across the company network, siphoning data as they went, for a considerable period of time."
He added that the best solution to prevent this from occurring is to limit access so users cannot actually read or edit information within data files, but simply move them around.
"Deploying data-centric security tools such as sophisticated encryption and intelligence gathering technologies will not only lock down the data at its source, but also provide critical information on all network activity. Ultimately, what this latest revelation should hammer home is that all data access points must be taken into equal consideration and protected accordingly," he concluded.