Adrian Esquivel
January 24, 2014

Timeline of Target Breach

With the Target stores' recent security breach, there’s a good chance that you know someone who has had their credit card information compromised. You may even be one of the 70 million customers who saw their personal information fall in the hands of hackers. So, what happened? We put this timeline together for you can get a better sense of what happened, and where it's going.November 27 - December 15: This is the time when the hacks occur.December 18: News breaks of the data breach.December 19: Target confirms the breach. They give information as the scope including what was stolen which includes customer names and credit card numbers.December 20: Target reports few incidents of fraud. We're not sure how they would know this already, as that would have to come from the actual banks and credit card companies. At this time, they extend a 10% discount off in store purchases. KrebsOnSecurity reports that stolen cards have been hitting the underground black markets in recent weeks in batches of one million cards selling anywhere from $20 to $100 per card.December 21: The banks chime in with JP Morgan issuing alerts and issuing daily spend limits on cards affected by the Target breach.December 22 – December 23: Reports show 3-4% decrease in sales in Target stores compared to last Christmas. Targets general counsel puts on a 30 minute conference call to assure concerns as the DOJ and the Secret service steps up their forensic investigations. .January 10: Target confirms 70 million customers were affected by the breach with names, mailing addresses, phone numbers, and emails with credit card information possibly being among that data stolen. Experts predict that the number will grow.January 13: Target confirms that they have identified and removed the malware from infected devices. They increase the number of affected customers to 100 million.January 17: Security firm IntelCrawler reports that the source of the Target breach came from Russia and a 17-year-old Russian going by the handle ‘ree4’ is responsible for the POS (point-of-sale) malware that was also used against Neman Marcus and at least six other major retailers. Speculation is that he did not participate in the hack but sold the software over 40 times to cyber-criminals. See the detailed breakdown on how this malware works here.January 23: Democratic leaders start getting involved by asking Target’s CEO for documents related to the data breach. The FBI warns US retailers to prepare for more cyber attacks based on information showing about 20 hacking cases in the past year that utilize the same malicious software. Neiman Marcus reports their data breach is worse than previously disclosed.January 30: A Target spokesperson confirms that the hackers who stole the credit and debit card numbers from the retailer appear to have breached their systems by using electronic credentials stolen from a vendor. No details have been disclosed as to how the credentials were stolen.Stay tuned on what's to come from the breach as we’ll keep updating our blog.