Question

To complete this activity, work individually.

Start by researching the Target Data Breach of 2013. You may use any source you wish, but make sure to note down where your information came from (see Step 3).
After going through the information on this well-known case, answer the following questions. Write at least 50 words for each question. Make sure NOT to copy directly from any sources.
a.What was the impact of this cybercrime? Give at least 3 negative impacts of the crime.
b.Why did Target feel that they were protected from cybercrime before this incident?
c.Who or what is Fazio, and how does Fazio relate to this story?
d.Why did Target’s cybersecurity staff ignore warnings?
e.How did Target eventually learn of the attack?
f.What is your opinion? Who should be blamed for this data breach? Explain your answer. NOTE: There is no right or wrong answer for this question, but you must clearly explain your reasons.
List the sources you used while doing your research. You do not have to follow specific rules for this. You can just copy and paste the URLs of any websites used. If you used sources that are not found online, give as much information as possible. For example, the author’s name, the title, and so on.

Answer 1

The Target Data Breach of 2013 exposed the personal and payment information of millions, damaged Target's reputation, and resulted in financial losses and legal costs. Fazio Mechanical Services, Target's HVAC vendor, was the unintentional entry point for the hackers, and the breach went unnoticed despite warnings due to the cybersecurity team's oversight. Responsibility is shared between the cybercriminals and Target's inadequate response and third-party vendor management.

Step-by-step explanation:

Impact of the Target Data Breach

The Target Data Breach of 2013 had significant negative impacts. Firstly, the breach compromised the personal information of approximately 70 million customers, including names, phone numbers, email and mailing addresses.

Secondly, the attack exposed payment card data of about 40 million customers, leading to unauthorized credit card transactions. Lastly, the incident damaged Target's reputation, eroded customer trust, and resulted in substantial financial losses and legal costs.

Target's Pre-Breach Perception of Security

Before the cybercrime incident, Target believed they were protected from cybercrime due to their investment in cybersecurity measures. They had a team of security professionals and were compliant with industry-standard payment card security protocols.

The Role of Fazio in the Breach

Fazio Mechanical Services was an HVAC company that worked with Target and inadvertently became the weak link. Hackers managed to steal network credentials from Fazio's systems, which were less secure, and used these credentials to gain access to Target's network.

Cybersecurity Warnings Overlooked

There were indications that Target's cybersecurity team received warnings about the breach but did not respond promptly. Reports suggest that they either did not grasp the critical nature of the threat or were bogged down by a high volume of alerts, leading to the warnings being overlooked.

Discovery of the Breach

Target learned of the attack after the U.S. Department of Justice alerted them, following findings from a separate investigation into cybercriminal activity. Target then confirmed the breach and publicly disclosed it.

Opinion on the Blame for the Data Breach

In my opinion, while the direct fault lies with the cybercriminals, Target shares in the responsibility due to inadequate response to security alerts. Additionally, more rigorous checks on third-party vendor access and security could have mitigated the breach.