Hostwinds Blog

Search results for:


Target Breach Traced to Stolen HVAC Vendor Credentials

A recent report claims that the initial attack launched in November against the retail giant Target was traced back to network credentials stolen from "a refrigeration, heating and air conditioning subcontractor." This subcontractor performed service at several Target locations and those of "other top retailers, "according to an article published on the KrebsOnSecurity website. The article indicates that the "network credentials_" were stolen from a Pennsylvania-based "_provider of refrigeration and HVAC systems_" called _Fazio Mechanical Services.

According to the article, the subcontractor has serviced other retail outlets, including "_Trader Joe's, Whole Foods and BJ's Wholesale Club_" in "_Pennsylvania, Maryland, Ohio, Virginia and West Virginia_. " The article confirmed that agents from the United States Secret Service visited the Fazio headquarter offices regarding the Target investigation. According to the report, company President Ross Fazio confirmed that he "_was not present when the visit occurred_" but another company officer, Vice President Daniel Mitsch, declined to answer questions about the visit.

The article stated, "_It's not immediately clear why Target would have given an HVAC company external network access, or why that access would not be cordoned off from Target's payment system network._" The report continued to say that the case investigators "_shared additional details about the timeline of the breach and how the attackers moved stolen data off of Target's network_" and confirmed that they "_succeeded in uploading their card-stealing malicious software to a small number of cash registers within Target stores._"

Read more about this security breach and how Target and other retailers deal with their vendors in security matters at the full article on the KrebsOnSecurity website.

Written by Bryon Turcotte  /  February 7, 2014

Need help? Chat now!