Newsletters
Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Business Intelligence Sales & Marketing More Topics...
Eliminate costly downtime!
Find out how with Free White Paper
& enter to win a Samsung Galaxy Note

www.apc.com
Network Security
Fiercely productive scanners
Average Rating:
Rate this article:  
Target Facing Class Action Suit Over Data Breach
Target Facing Class Action Suit Over Data Breach

By Jennifer LeClaire
December 20, 2013 9:57AM

Bookmark and Share
Discount retailer Target has likely invested heavily in security technologies and approaches to prevent such massive data breaches. But because today’s threats are quickly outpacing current security technologies and approaches, the technologies Target put into place to thwart breaches of its network are becoming outdated and ineffective.
 


In the wake of a data breach that exposed the personal identifying information of 40 million Target consumers, a customer has filed a lawsuit against the discount retailer in a San Francisco federal court. Attorneys are seeking class action status.

The lawsuit claims negligence and invasion of privacy. The suit also alleges the stolen data may make it possible for criminals to create counterfeit credit cards by encoding the stolen information onto plastic cards that contain a magnetic strip. Finally, the suit claims the breach may also have revealed consumers’ personal debit card codes.

“Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint.

Is a Lawsuit Really Necessary?

A class action suit against Target could open up a Pandora’s Box. Security industry analysts are waiting and watching, but it seems a class action suit may be a reach considering the damages.

“I did some traditional shopping at Target between November 27 and December 15, and so I am in the affected customer set. Unfortunately, beyond canceling one's credit card -- which is a hassle -- there is not much a customer can do in such a situation,” Wolfgang Kandek, CTO of Qualys, told us.

“I have started to log into my credit card account more frequently and check my transactions, but otherwise I am trusting the fraud detection algorithms that my credit card company uses, plus their 60-day claim guarantee. It will be interesting to see how the attackers got into the network and what technical countermeasures were in place, but that will take months to surface as the forensics in such a case are extremely time consuming,” he said.

The Nature of Modern Threats

We asked Chris Petersen, CTO and co-founder of LogRhythm, a log analysis firm, for his take on the breach. He told us Target has likely invested heavily in security, in technologies and approaches many would consider modern and right. Unfortunately, he added, today’s threats are quickly outpacing current security technologies and approaches -- what was recently modern and right, is quickly becoming outdated and ineffective.

"Companies are in an arms race against determined foes, whether they be cybercriminals, hacktivists or nation states,” Petersen said. “Their only hope of defending themselves is to ensure their defenses are truly modern. In some cases, this might mandate running next generation technologies in parallel with their legacy counterparts."

As he sees it, one specific area of modern investment is an analytics-driven defense. Only until very recently could companies leverage big data to root out threats they would otherwise be blind to.

“When big data is combined with machine-based behavioral analytics, the types of threats able to evade existing defenses can be detected early, prior to a large scale breach occurring,” Petersen said. “When networks are infiltrated and systems inappropriately accessed, normal behaviors within the IT environment will shift. When these behavioral shifts are recognized early, data breaches can be avoided."
 

Tell Us What You Think
Comment:

Name:

Jon H:

Posted: 2013-12-23 @ 7:51am PT
@Mike: Great idea!

Mike Jones:

Posted: 2013-12-23 @ 4:27am PT
Target should be required to and agree to provide free credit monitoring for a period of 18 months to those that had their information compromised.

rsa:

Posted: 2013-12-20 @ 5:29pm PT
I hate to say it but that is part of the risk we all take by using credit cards for everything. It would have been nice if they would have let us know right away when they found out though.



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Network Security
1.   How To Beat the Heartbleed Bug
2.   OpenSSL Calls for More Support
3.   NSC Backs Disclosing Vulnerabilities
4.   Heartbleed Flaw Affects Hardware
5.   1 in 5 Say They've Had Data Stolen


advertisement
Don't Reset Passwords for Heartbleed?
Added caution needed to ensure security.
Average Rating:
How To Beat the Heartbleed Bug
Big data analytics could be the key.
Average Rating:
Heartbleed Flaw Affects Hardware
Cisco, Juniper equipment vulnerable.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
How To Beat the Heartbleed Bug
Heartbleed headlines continue as IT admins scramble for answers no one has. Early reports of stolen personal data, including 900 social insurance numbers in Canada, are starting to trickle in.
 
After Heartbleed, OpenSSL Calls for More Support
The president of the OpenSSL Foundation says more support is needed from companies and governments that use its software so that it can better spot and fix flawed pieces of code such as Heartbleed.
 
NSC Backs Disclosing Software Vulnerabilities
Disclosing vulnerabilities in commercial and open source software is in the national interest and shouldn't be withheld unless there is a clear need, says the National Security Council.
 

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
 
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
 
Google Glass Finds a Home in Medical Education, Practice
Google Glass may find its first markets in verticals in which hands-free access to data is a boon. Medicine is among the most prominent of those, as seen in a number of Glass experiments under way.
 

Mobile Technology Spotlight
Is Amazon Launching a 3D Smartphone?
Once known for selling books on an e-commerce platform, Amazon is now a bona fide hardware maker -- and it's reportedly rolling out an innovative smartphone with a 3D screen.
 
Review: S5 Features Useful, Less About Gimmicks
There's a lot to like about Samsung's new Galaxy S5 smartphone -- among them, its relative lack of features. Samsung chose to focus on features people might actually want, not gimmicks.
 
Analyst: Samsung Galaxy S5 Won't Sway iPhone Lovers
The Samsung Galaxy S5 hits store shelves on Friday and the reviews are starting to pour in. The question is: Can the latest in the Galaxy line grab more market share from Apple’s iPhone?
 

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Business Intelligence | Sales & Marketing | Contact Centers | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.