Forensic investigators have recently determined that “cyber criminals” who compromised the computer system of the large retailer Target “used credentials they stole from one of the retailer’s vendors” to breach their security, according to an article published on the NBC News website. The criminal activity against Target – “during the busy holiday shopping period” – was reported to have resulted in the theft of “40 million credit and debit card records” in addition to “70 million other records” which contained personal customer data – including their “addresses and telephone numbers“, according to the article.
Molly Snyder, corporate spokeswoman for Target, was quoted in the article to say, “”The ongoing forensic investigation has indicated that the intruder stole a vendor’s credentials, which were used to access our system.” Snyder did not comment further or give any details about “what type of credentials were taken from the vendor“, according to the report. The article quoted Attorney General Eric Holder while he testified before a U.S. Senate hearing, saying that the Justice department “will seek not only to find the perpetrators of the breach but also any individuals and groups who exploit that data via credit card fraud.”
Holder confirmed during his statements to senators that the Justice Department takes “reports of data breaches seriously” and was quoted in the article to say, “While we generally do not discuss specific matters under investigation, I can confirm the department is investigating the breach involving the U.S. retailer, Target.”