Target’s Security Breach: How Hackers Got Millions of Credit Card Numbers

If you received a phone call from Target’s customer service department about your credit card, you were probably one of the 40 million people whose information was stolen in a recent hack. Target and its customers fell victim to a common hack called RAM scraping. While RAM scraping isn’t new, the Target security breach shows that current PCI compliant security requirements aren’t enough to protect customer data.

American Dollar
American Dollar

How Credit Card Purchasing Works

Before you understand how hackers stole credit card numbers, you first need to know how retail stores process charge card purchases. You give the cashier your credit card, and the cashier swipes your card through a reader. The reader stores your credit card information in memory and sends the data to the merchant account processor. The merchant account processor transmits the data to your bank and then sends an acceptance or denial message back to the cashier.

The most important part of any credit card transaction is encryption. All of these transactions must be encrypted for a retailer to meet security compliance standards. Current PCI security standards require retailers to encrypt all data transferred from the internal retailer network to an external system such as a merchant account processor. However, there are no encryption requirements for data transferred within the retailer’s network, and it’s this issue that allows hackers to access unencrypted credit card information.

RAM Scrapers

RAM scrapers are virus programs injected into a retailer’s network to scan credit card systems for customer information. The program runs in the computer’s background as credit cards are swiped and stored. When a credit card is swiped, the system stores the account number in memory without any encryption. For its ability to steal data from RAM, the virus is given the name “RAM scraper.” These viruses are able to grab not only credit card numbers but any customer information stored in the computer’s memory.

In Target‘s case, the RAM scrapers were installed on multiple computers for several weeks, which is why the hackers were able to steal an enormous amount of data. The hack started with a phishing email sent to a third-party Target vendor. This phishing email revealed key user names and passwords that allowed hackers to inject the virus.

Target’s security breach is just one of several prominent retailers that have fallen victim to RAM scrapers. Walmart, Macy’s and Neiman Marcus have all had credit cards stolen from unencrypted data.

If you own a retail store, you can’t change the way a card reader works, but you can take steps to protect your customers from RAM scrapers. Keep antivirus software installed on cashier computers and don’t connect inside sales computers to the Internet. Instead, have your cashier computers send credit card numbers to a central server that then sends encrypted data to a merchant account processor. This alternative process clears the credit card readers’ data from memory, so only a limited amount of data is exposed to viruses. Avoid giving critical access to third-party vendors when it’s not needed and monitor any strange network activity. You can’t guarantee a hacker won’t uncover a security hole, but these few steps can help deter vulnerabilities.

Isaac Adams-Hands

Full Stack Developer, Digital Marketer, and InfoSec enthusiast. He received his Bachelor’s Degree from the University of Western Sydney and his Business Diploma from Georgian College before joining various marketing positions in search portals, e-commerce, higher education, and addiction recovery services.

Follow @ twitter

Related posts

Emerging & evolving Cybersecurity threat models

Cybersecurity threats are constantly changing, and this isn’t going to improve any time soon. Data privacy and security breaches are only going to increase in 2019. Today’s world is powered by the internet, smartphones, computers, and the IoTs (Internet of Things); which provides a constant threat platform for hackers and malicious software. Threat vectors have… Read More

The 13 Most Important Skills to have as a Cyber Defender

The information security professionals of today have a requirement of learning more swiftly, communicating more effectively, containing more knowledge about the business, and matching the ever-improving capabilities of adversaries. Not so long ago, to survive in this field, all you needed was creativity, problem-solving, and a healthy dose of technical understanding. But today, the security… Read More