Page 2 of 2 Previous
The technology involves computer chips and personal identification numbers now in use in Europe; the plan also includes updating card readers in 1,800 Target stores and it should be ready by early 2015, the company said in a release Tuesday.
Mulligan further reported that to date, Target has seen no fraud activity on its proprietary credit and discount cards due to the breach and “a very low amount of additional fraud on our Target Visa card.”
Mulligan will be back on Capitol Hill on Wednesday to appear before a subcommittee of the House Energy and Commerce Committee.
Neiman Marcus woes
Target was not the only company questioned at the Senate hearing. The chief information officer of upscale clothier Neiman Marcus explained a cyberattack on his company’s computers similar to the one Target suffered. He said the malware infecting Neiman Marcus computers had a “zero detectabilty rate” using standard computer protection programs. That breach affected 1.1 million customers.
“The pace of attacks is increasing,” said Fran Rosch, an executive with Symantec, a maker of computer security software. There is a need for information to be “continuously encrypted.”
Everyone is vulnerable
That might have helped Target avoid its current crisis.
“We now know that the intruder stole a vendor’s credentials to access our system and place malware at point-of-sale registers,” Mulligan said in his testimony. “The malware was designed to capture payment card data from the magnetic strip of credit and debit cards prior to encryption within our system.”
But the company later found that the malware also had captured “strongly encrypted” information that employed personal identification numbers.
Sen. Sheldon Whitehouse, D-R.I., said that when a company as large as Target “can be hacked without knowing it, it is not to say that Target did something wrong,” but that everyone is vulnerable.
Klobuchar agreed, saying, “This can happen to anyone.”