Hackers Used Stolen Vendor Credentials for their Data Theft

The first details on how the breach may have been made possible show that “forensic investigation has indicated that the intruder stole a vendor’s credentials, which were used to access our system,” a Target spokeswoman told Reuters in a statement.

The malware used in the breach shows that the user account “Best1_user” and password “BackupU$r” were used to log in to a shared drive that had been set up by the hackers on Target’s internal network to collect all the stolen card information.

“That username is the same one that gets installed with an IT management software suite called Performance Assurance for Microsoft Servers. This product, according to its maker — Houston, Texas-based BMC Software — includes an administrator-level user account called ‘Best1_user.’”

The Secret Service has taken the lead investigating the breaches at Target and other retailers, including Neiman Marcus and Michaels Companies Inc, the largest U.S. arts and crafts retailer.

For additional info see: http://www.reuters.com/article/2014/01/30/us-usa-justice-target-idUSBREA0S1AE20140130


Banks Say Target Hack Has Cost Them $153 Million In Replacement Cards

U.S. banks have spent more than $153 million so far replacing 15.3 million debit and credit cards after the huge data heist from Target Corp., and the numbers are only growing.

The Consumer Bankers Association announced the numbers Tuesday, saying that as more retailers announce breaches, the price tag for banks could grow to “hundreds of millions of dollars, and possibly billions.”

It’s time for Target to step up to the plate and pay some of the costs for one of the largest data thefts recorded in the United States, the industry group said.

The theft affected as many as 110 million people and remains under investigation, as lawsuits accusing Target of failing to adequately protect sensitive customer information pile up in courts across the country.

The Minneapolis-based retailer has at least $100 million of cyber insurance and $65 million of directors and officers liability coverage, according to Business Insurance magazine, citing unnamed industry sources.

Banks have been scrambling to address the fallout from the Target breach with their customers. Some are replacing cards only when customers make the request or there is evidence of fraudulent charges.

Others, including Wayzata-based TCF Financial Corp. and U.S. Bancorp in Minneapolis, have taken the “replace them all” approach to cards that shoppers used in Target stores during the 19-day breach from Nov. 27 to Dec. 15.

The Consumer Bankers Association estimates that it costs an average of $10 for banks to replace a card, which is higher than the $4 to $5 figure often cited. The 15.3 million cards replaced to date is a relatively small number given that U.S. shoppers carry 1.5 billion credit and debit cards, noted David Robertson, publisher of the Nilson Report.

The unanticipated spike in orders for new cards has sent card manufacturers into overtime. Giesecke & Devrient, one of the world’s largest card manufacturers, said it’s been adding shifts and hours to get the orders processed, as well as shifting jobs to facilities around the globe to balance the load.

Full article at: http://www.startribune.com/business/242505661.html?page=all&prepage=1&c=y#continue


Scammers charging $9.84 to stolen credit card numbers
Jan 29th 2014 11:52AM

A new credit card scam has surfaced. The Better Business Bureau says credit card users should be looking for a small and specific amount of money that might have been stolen.

HLN explains that 'if you see a charge for $9.84 on your credit card statement, you may have been scammed. And for some reason, the sum of $9.84 keeps cropping up.'

But, why would thieves go after such a small amount of money? 'Good Morning America' says it's, well, hard to notice.

'Scammers are now testing stolen credit card numbers by charging small amounts on them at first. ... Scammers apparently believing most will overlook such a small amount on an itemized bill.'

An anchor at KHOU called the small $9.84 charge a, quote, 'sneaky' way to steal money.

The BBB put out a national alert on the matter Monday - and instructed people to call their banks if they see the charges.



Is Target Shaving Workers’ Hours So It Doesn’t Have To Insure Them?


A Consumerist article reports that "Target announced that it would no longer offer health insurance to part-time employees (those who work fewer than 32 hours per week), while at the same time claiming that it would not be trimming employees’ schedules so that they no longer qualify as full-time workers. However, some Target employees tell Consumerist that company execs aren’t telling the truth."

“Recently these teams have been having their hours cut below 30 and they have been supplementing them by having sales floor people help with their workloads during their normal shifts,” writes the Target vet.

The employee says this is not just affecting sales floor staff but specialty teams — the price change team, planogram team, in-stock team — that had traditionally been full-time jobs.

He estimates that the recent changes have cut the number of insurance-eligible employees at his store by 80%. Additionally, he says that his store is now hiring primarily part-time workers, something it had never done after the holiday season.

Consumerist asks employees to send additional details to tips@consumerist.com.


Target eliminates 475 jobs at Minneapolis headquarters

Target Corp. is laying off 475 employees at its corporate headquarters in downtown Minneapolis and not filling 700 open positions, sources told the Star Tribune.

Target employs about 11,000 people at its downtown headquarters on Nicollet Mall, and a total of 14,000 corporate employees in Minnesota. The company has approximately 360,000 employees in all, mostly spread around its 1,900 stores in the U.S. and Canada.

A woman who was laid off from Target’s finance department said half of her 12-person department was let go in a meeting Wednesday morning, and the other half will be laid off in the next month.

She said laid-off workers in finance will be replaced by workers in India and contractors. The layoffs, she said, have been in the works for more than six months.  

(This blog reported extensively on Tarbutt in India at:  http://targetfiling.blogspot.com/2009/12/see-all-happy-indians-they-are-happy.html also:  http://www.naymz.com/britanee_pelikan_1706080 and 

“They just sent out a memo saying we had a mandatory meeting at such-and-such time saying that you guys are being let go as of today,” said the woman, who asked not to be identified for fear that her severance could be affected.

A Target spokesman said it’s not clear if more layoffs are coming, but he wouldn’t be surprised.

Any jobs cut on Wednesday would have to either be at corporate headquarters or at distribution centers, Yarbrough said.  The new job-cutting action follows a decision in October to eliminate about 150 jobs in the Twin Cities in what was then described as a reorganization.

See more at: www.startribune.com/business/241503611.html

Experts: Target Hackers Will Be Tough to Find
by The Associated Press Jan 22nd 2014

"After thieves purchase the numbers, they can encode the data onto new, blank cards with an inexpensive, easy-to-use gadget. Or they can skip the card-writing process and simply use the card numbers online.

Crooks often have the option to buy cards last used in their area. That way, Wisniewski says, the cards attract less attention from the banks that issued them.

According to police, the pair arrested at the U.S.-Mexican border used cards containing the account information of Target shoppers from South Texas. Police say the two used fraudulent cards to purchase numerous items at national retailers in the area.

The underground markets always have a steady supply of card numbers on sale and their locations are always moving as they try to elude law enforcement, says Daniel Ingevaldson, chief technology officer at Easy Solutions Inc., a firm that sells anti-fraud products and tracks the activity of the online black markets. A big jump in inventory usually indicates there's been a breach of a major retailer. That's what Ingevaldson's firm saw in the cases of both Target and Neiman Marcus, which also recently reported a breach.

While many of these online bazaars and forums are based in Russia and Eastern Europe, much of the chatter is in English and appears to have been written by Americans, Ingevaldson says.

The types of criminals who buy the card numbers run the gamut, ranging from purely online white-collar crooks to street gangs.

"In reality, card numbers can be bought by anybody with access to the forums and a few Bitcoins in their pocket," Ingevaldson says.

Wisniewski says the people who buy card numbers online and produce the fake cards aren't the ones who try to use them. Using the cards is the riskiest part of the fraud scheme, so the task is usually farmed out to others who are often recruited through spam emails. The recruiters then send them fraudulent debit and credit cards and instruct them to buy large quantities of expensive merchandise or gift cards in exchange for a small percentage of their value.

Card users, once caught, often only have a handler's email address to share with police, making it nearly impossible to find the recruiters, Wisniewski says.

Both analysts say Russia and former Soviet countries are a hotbed for hackers behind these kinds of schemes. The region has a large population of highly educated computer science professionals and law enforcement is extremely lax when it comes to fraud that occurs overseas and not in the hackers' home country.

Wisniewski and Ingevaldson also believe the original authors of the malicious software used in the Target breach are likely based in Russia or Eastern Europe, as some reports on the breach have suggested. But it's unlikely the original programmers do any hacking themselves. They can make a nice living simply selling the code to those who do."



Tarbutt throws PT Employees under the bus!

Target will drop health insurance for its part-time employees

Target Corp. said Tuesday that it will stop offering health insurance to its part-time employees because new online health exchanges offer workers an opportunity to buy coverage. Instead they will give each worker $500 to help buy health insurance.

Less than 10 percent of its workforce of about 361,000 participates in the health plan for part-time workers. A number of companies, including Walgreens, Sears Holdings, Petco and Darden Restaurants, this year moved their entire workforce to private exchanges.

The change goes into effect April 1, the company’s normal open-enrollment period. It will affect those who average 20 to 31 hours a week.

Part-time workers are still eligible for other benefits, including wellness plans, a matching 401(k) retirement plan, vacation, dental, disability and life insurance.