CIO Today

CIO Today Network Sites:   Top Tech News  |   CIO Today   |   Mobile Tech Today   |   Data Storage Today
Daily Briefing for Technology's Top Decision-Makers
Vblock™ Systems:
Advanced converged infrastructure
increases productivity & lowers costs.

www.vce.com
Thursday, April 24th 
Next Generation Data Center Is Here!
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Trending Topics:   Security Heartbleed Big Data Cloud Computing Windows XP Data Centers OS X Mavericks
Home
Enterprise Software
Enterprise Hardware
Big Data
Network Security
Cloud Computing
CRM Systems
Data Storage
Operating Systems
Communications
CIO Issues
Mobile Tech
Chips & Processors
World Wide Web
Business Briefing
After Hours
Press Releases
 
Free Newsletters
Top CIO News
 
Mobile Tech Today
 

CIO Issues

Target Facing Class Action Suit Over Data Breach

Target Facing Class Action Suit Over Data Breach
December 20, 2013 9:57AM

Bookmark and Share
Discount retailer Target has likely invested heavily in security technologies and approaches to prevent such massive data breaches. But because today’s threats are quickly outpacing current security technologies and approaches, the technologies Target put into place to thwart breaches of its network are becoming outdated and ineffective.

Your Next Generation Data Center Is Here! Vblock™ Systems: the world's most advanced converged infrastructure are built on the Cisco Unified Computing System with Intel® Xeon® processors. Vblock™ Systems deliver extraordinary time to market, ROI and TCO, and flexibility to meet your continually changing demands with 5X faster deployment, 96% less downtime, and 1/2 the cost. Click here to learn more.

In the wake of a data breach that exposed the personal identifying information of 40 million Target consumers, a customer has filed a lawsuit against the discount retailer in a San Francisco federal court. Attorneys are seeking class action status.

The lawsuit claims negligence and invasion of privacy. The suit also alleges the stolen data may make it possible for criminals to create counterfeit credit cards by encoding the stolen information onto plastic cards that contain a magnetic strip. Finally, the suit claims the breach may also have revealed consumers’ personal debit card codes.

“Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint.

Is a Lawsuit Really Necessary?

A class action suit against Target could open up a Pandora’s Box. Security industry analysts are waiting and watching, but it seems a class action suit may be a reach considering the damages.

“I did some traditional shopping at Target between November 27 and December 15, and so I am in the affected customer set. Unfortunately, beyond canceling one's credit card -- which is a hassle -- there is not much a customer can do in such a situation,” Wolfgang Kandek, CTO of Qualys, told us.

“I have started to log into my credit card account more frequently and check my transactions, but otherwise I am trusting the fraud detection algorithms that my credit card company uses, plus their 60-day claim guarantee. It will be interesting to see how the attackers got into the network and what technical countermeasures were in place, but that will take months to surface as the forensics in such a case are extremely time consuming,” he said.

The Nature of Modern Threats

We asked Chris Petersen, CTO and co-founder of LogRhythm, a log analysis firm, for his take on the breach. He told us Target has likely invested heavily in security, in technologies and approaches many would consider modern and right. Unfortunately, he added, today’s threats are quickly outpacing current security technologies and approaches -- what was recently modern and right, is quickly becoming outdated and ineffective.

"Companies are in an arms race against determined foes, whether they be cybercriminals, hacktivists or nation states,” Petersen said. “Their only hope of defending themselves is to ensure their defenses are truly modern. In some cases, this might mandate running next generation technologies in parallel with their legacy counterparts."

As he sees it, one specific area of modern investment is an analytics-driven defense. Only until very recently could companies leverage big data to root out threats they would otherwise be blind to.

“When big data is combined with machine-based behavioral analytics, the types of threats able to evade existing defenses can be detected early, prior to a large scale breach occurring,” Petersen said. “When networks are infiltrated and systems inappropriately accessed, normal behaviors within the IT environment will shift. When these behavioral shifts are recognized early, data breaches can be avoided."

Tell Us What You Think
Comment:

Name:

Jon H:

Posted: 2013-12-23 @ 7:51am PT
@Mike: Great idea!

Mike Jones:

Posted: 2013-12-23 @ 4:27am PT
Target should be required to and agree to provide free credit monitoring for a period of 18 months to those that had their information compromised.

rsa:

Posted: 2013-12-20 @ 5:29pm PT
I hate to say it but that is part of the risk we all take by using credit cards for everything. It would have been nice if they would have let us know right away when they found out though.



 CIO Issues
1. Net Gets Faster, But Easier to Attack
2. Target Hackers May Be Tough To Find
3. OpenSSL Calls for More Support
4. Heartbleed Flaw Affects Hardware
5. Is a Web Site Safe from Heartbleed?




 Most Popular Articles
1. BlackBerry Drops T-Mobile After Nasty Spat
2. Cisco, IBM Launch Internet of Things Consortium
3. Salesforce CRM Gets Industry Specific for Internet of Customers
4. Intel Bets on Cloudera for Big Data Analytics
5. SAP HANA Data Warehouse App Gets Faster Analytics

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Fund Seeks To Head Off Heartbleeds
  Salesforce Developing App SOS Button
  Google Maps, Now with Time Travel
  Lessons from Verizon's Threat Report
  NYPD Twitter Campaign Backfires

 Technology Marketplace
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
Cloud Computing
Next Generation Data Center Is Here! Vblock™ Systems from VCE
 
Contact Centers
HP delivers the future of the contact center with HP Qfiniti 10.
 
Data Storage
Next Generation Data Center Is Here! Vblock™ Systems from VCE
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Enterprise Hardware
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Hardware
Protect your network with APC Smart-UPS battery backup
 
Network Security
Protect your network with APC Smart-UPS battery backup
 

Network Security Spotlight
Tech Giants Fund Initiative To Prevent Future Heartbleeds
Can more funding prevent Heartbleed vulnerabilities in future open-source software? A new Core Infrastructure Initiative at the Linux Foundation is attempting to find out.
 
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Navigation
CIO Today
Home/Top News | Enterprise Software | Enterprise Hardware | Big Data | Network Security | Cloud Computing | CRM Systems
Data Storage | Operating Systems | Communications | CIO Issues | Mobile Tech | Chips & Processors | World Wide Web
Business Briefing | After Hours | Press Releases
Also visit these Enterprise Technology Sites
Top Tech News | CIO Today | Mobile Tech Today | Data Storage Today

Services:
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About CIO Today Network | How To Contact Us | Article Reprints | Services for PR Pros (In partnership with NewsFactor) | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 CIO Today. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.