New Details Of Home Depot Attack Reminiscent Of Targets Breach

  /     /     /  
Publicated : 22/11/2024   Category : security


New Details Of Home Depot Attack Reminiscent Of Targets Breach


A massive payment card breach this year resulted when hackers gained access to its network using a third-party vendors login, the retailer says, and 53 million email accounts were exposed.



Home Depots statement Thursday that the criminals who stole payment card from its networks this year gained access using a third-party vendors stolen credentials suggests the breach was very similar to the one at Target last year.
The stolen credentials alone did not provide access to the companys point of sale systems, Home Depot said in a
press release
. The retailer provided fresh details of its investigation of a breach that
exposed data
on 56 million credit and debit cards.
The hackers escalated their access privileges to work their way through Home Depots network and deploy unique, custom-built malware on its self-checkout systems in the US and Canada, the home improvement company said.
In addition to the previously disclosed theft of credit and debit card data, Home Depot said the criminals accessed files containing 53 million email addresses belonging to Home Depot customers. Though the files did not contain passwords, payment card information, or any other sensitive personal information, the company is notifying affected customers.
From its description, the Home Depot breach seems eerily similar to the one reported by Target last year. In Targets case, the data theft happened when attackers gained access to its payment network using login credentials stolen from a vendor that provided heating ventilation and air conditioning services to the retailer.
Security vendors have repeatedly held up that breach as an example of the dangers companies face in allowing business partners, suppliers, and other third parties to access their networks. Many have cited the breach as a prime example of why companies need to have controls for ensuring that all third-party access is properly restricted and segmented.
Avivah Litan, an analyst at Gartner, says the fact that Home Depot allowed an almost identical breach to happen highlights the need for retailers to respond sooner to such issues.
The hackers have a set script on how to hack a large retailer -- and they continue to follow it with some modifications, Litan said in an email interview. The Home Depot and Target breaches used the same techniques every step of the way. Its too bad that the attacked organizations or potential victim organizations are not agile enough to build appropriate defenses in time.
The fact that the hackers went after both payment card data and email accounts shows that criminals have begun going directly after consumers, as well, she said.
[In the end, it may have been a foreshadowing of sorts: The team assigned to squeeze potentially sensitive information from Home Depot employees in cold calls during this years Social Engineering Capture the Flag (SECTF) competition at DEF CON 22 won the famed contest. Read
Home Depot, Other Retailers Get Social Engineered
.]
Tom Bain, senior vice president at security CounterTack, says retailers have often tended to overlook the supply chain of partners, customers, and vendors connecting to their networks. Retailers need to get a better grasp on who is being granted access to their networks and why.
There are just simply too many gaps along the entire supply chain, he said in an email. For example, if suppliers are using handheld devices to process orders, the wireless connection is at risk because encryption isnt up to par or being used at all.
Richard Stiennon, chief research analyst at IT-Harvest, says breaches like the one at Home Depot also highlight the need for companies to get a better handle on privileged account management.
Privileged accounts, of the type used by vendors of technology products to provide maintenance and support, are a rampant problem in the enterprise, Stiennon said in an email exchange.
Every organization should review the presence of those types of accounts and apply controls such as two-factor authentication, source IP or domain restrictions, and even restricted time windows for access to prevent incidents like the one at Home Depot.
Of course the root cause of the spate of retailer breaches is point of sale terminals that are out of date, improperly configured, and inadequately protected, he said.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
New Details Of Home Depot Attack Reminiscent Of Targets Breach