More Trouble at Target: Hackers Landed Encrypted Debit Card PIN Data


More fallout arises in the wake of the recent hacking that Target found itself on the bad end of recently, as the retailer added to the list of information landed by the hackers when the late November / early December hack was carried out. Previously, Target acknowledged the loss of credit card numbers, along with expiration dates and security codes in the attack...but a new victim has arisen to join the ranks: debit card PIN data.

The hacking had an enormous impact, hitting around 40 million customers at last report, and worse, the data has since been spotted on the black market, otherwise known as the last place anyone would ever want to see a credit card number show up. The hacking put banks throughout the United States on high alert, and protecting customers from fraud became job one. The upshot, at least according to Target, is that the debit PINs should be “safe and secure,” largely owing to the point that Target encrypts such data with Triple DES encryption, and locks that encryption in right at the point of the keypad. Thus, the data not only started out encrypted, but it remained encrypted when it went into the system, and when the hackers got it, encrypted it remained.

What's more, the only way that the information can be immediately decrypted is to get said key from the independent payment processor service that Target works with, and the key has never actually existed within Target's systems at any point, which means a completely different hacking would be necessary to get the information from somewhere else.

It's likely to be at least something of a comfort for those impacted by the development, if perhaps only a cold comfort. Reports suggest that banks have been quick to react, and those who came in for replacement debit cards outright got said replacements with due haste. So the numbers in question may not have a lot of value after all, but it's still likely to leave a few gun-shy users next time holiday shopping season comes around.

It's hard to imagine this having a very chilling effect on debit and credit card use, whether in stores or online; that card is a very big part of a lot of users' lives, and most aren't likely to just let it fall by the wayside from one incident. But users were certainly practicing the correct levels of vigilance, and Target has reportedly been hard at work with both the Justice Department and the Secret Service in a bid to catch those responsible. These things are bound to happen—the sheer amount of potential return involved for the hackers is a pretty strong incentive—but with the proper vigilance, many of the problems associated with such hackings can be reduced and minimized.

Still, the recent Target hacking shows us conclusively what was predicted in a recent report from Kaspersky Lab: cyber-criminals would be taking on private data, money and Bitcoins in 2014, and this attack had two out of three elements ready to go. More of it is likely to arrive, but a little sound vigilance—as many displayed in this hacking—will likely mean the difference between a minor hiccup and a total disaster.

Edited by Stefania Viscusi

Contributing TechZone360 Writer

Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More