Back during the busy holiday shopping season, Target was the victim of a hack that exposed more than 70 million credit card numbers and private data on its shoppers. The Justice Department has since said it’s investigating the issue, but even more details are spilling out now thanks to Krebs on Security. You often hear the term “backdoor access” when it comes to hacking. In other words, hackers try to get into a system using a roundabout way that might not be under as much security scrutiny. Apparently that’s exactly how this attack unfolded.
Hackers used access credentials from an HVAC company that was working at Target Krebs on Security revealed on Wednesday. The company was called Fazio Mechanical Services and apparently, probably as part of the DoJ’s investigation, the company was recently paid a visit by the U.S. Secret Service. Krebs on Security says it’s not really apparent why an HVAC company would have had access to Target’s network. “It is common for large retail operations to have a team that routinely monitors energy consumption and temperatures in stores to save on costs,” Krebs on Security explained, citing a source at a different retailer.
That means that Fazio Mechanical Services may have had access to Target’s network just to make sure everything was running properly. Once they had access to the network, the hackers were able to install software on connected cash registers that then uploaded credit card data. While the attack apparently originated in Russia and in Eastern Europe, the information was stored on different servers. One server was located in Brazil, while another was apparently an unsuspecting company based in Miami.
So far nobody has been arrested in connection with the crime. Target has not yet confirmed the Krebs on Security report, though Brian Krebs, who runs the site, has been accurate his previous stories on the situation.