Target Knew Of Hack, Failed To Act
According to Bloomberg, Target’s security tools detected the malware used in the hack as early as November 30th, and the thieves weren’t able to remove any data until December 2nd, which means that there were a couple of days wherein the threat couild have been mitigated. Bloomberg asserts that it was human error that led to the hack from there: Once the malware was flagged, the alert was forwarded to a security center in Minneapolis, where the issue was dropped. No one did anything about it.
If Bloomberg’s reporting is accurate, this potentially makes Target liable for all sorts of lawsuits, which are brewing now. Worse, it points to the main problem with any security measure, which is that humans are often the weakest link in the chain.