Target traces data breach to credentials stolen from vendor
- Share via
Target Corp. said cyberthieves stole credentials from one of the retailer’s vendors in order to access its system, according to an ongoing forensic investigation into a data breach that may have exposed information from as many as 110 million customers.
The company said that since disclosing the hack Dec. 15, it cleared its system of the malware that had been planted.
“In addition, since that time we have taken extra precautions such as limiting or updating access to some of our platforms while the investigation continues,” Target spokeswoman Molly Snyder said in a statement Wednesday.
The Minneapolis retailer said that crooks accessed the payment card information of as many as 40 million customers over a two-week span during the holiday shopping rush. The company later said that personal information, including home and email addresses and names, from as many as 70 million other customers may have been stolen as well.
On Wednesday, Atty. Gen. Eric H. Holder Jr. said in a Senate Judiciary Committee hearing that the Justice Department is looking into the theft.
“We are committed to working to find not only the perpetrators of these sorts of data breaches but also any individuals and groups who exploit that data via credit card fraud,” Holder said.
The department “takes very seriously reports of any data breach, particularly those involving personally identifiable or financial information,” he said.
ALSO:
2 arrested in connection with Target hack
Target to drop health policies for part-timers
Justice Department working to nab Target data thieves, Holder says
More to Read
Inside the business of entertainment
The Wide Shot brings you news, analysis and insights on everything from streaming wars to production — and what it all means for the future.
You may occasionally receive promotional content from the Los Angeles Times.
