News and Updates

Target Pays $39M for Data Breach

Target Corp. has agreed to pay $39 million to settle litigation brought by banks and credit unions over its 2013 data breach. The settlement compensates financial institutions that issued debit or credit cards compromised by the breach, which involved 40 million credit and debit cards during the 2013 holiday season. On Sept. 15, Magnuson certified a class of financial institutions in the case. Read more at

What Retailers Can Learn from Target Data Breach

If you’re a US shopper, there’s almost a 50% chance that your information was compromised in the Target breach. The personal and financial information of approximately 110 million people, comprising 11 GB of data, was stolen in a successful compromise during the Christmas shopping season. The attackers persisted undetected for almost 2 weeks, and is attributed to a cyber criminal in the Ukraine. Anatomy of the Breach The attacker first compromised a 3rd party contractor, who provides HVAC services to Target. The attacker probably used Target’s contractor portal as a point of presence to penetrate the internal network and compromise an internal Windows file server. Although the publicly discl