The Inquirer-Home

Target hackers got in through an air conditioning outfit

Firm claims US retailer was only firm affected by the breach
Fri Feb 07 2014, 12:37
Security threats - password theft

AIR CONDITIONING FIRM Fazio Mechanical Services has confessed to its role in the hacking attack on Target that stole sensitive information from 110 million customers.

In a statement, Fazio said that it does not want to dwell on too many elements of the incident, but was keen to say that it only works with Target on electronic billing, contract submissions and project management.

It said that Target is the only firm that it performs these functions for, and that the US retailer was the only firm affected by the security breach.

"Like Target, we are a victim of a sophisticated cyber attack operation," added the statement that was signed by the firm's owner and president Ross Fazio.

"We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive initiatives that will further enhance the security of client/vendor connections making them less vulnerable to future breaches."

Security pro Brian Krebs had the skinny on this early, and reported that the hackers broke into Target on 15 November 2013 using stolen network credentials.

From that point onwards credit card skimmers were placed at Target point of sale terminals. Krebs' source said that a testing period followed during which the hackers made sure that their system was effective.

Last month Target raised the number of suspected affected customers from 40 million to 110 million. It is providing people with credit checking services, and is most apologetic.

"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause," said Target chairman, CEO and president Gregg Steinhafel. "We take this matter very seriously and are working with law enforcement to bring those responsible to justice." µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Heartbleed bug discovered in OpenSSL

Have you reacted to Heartbleed?