The Herald Bulletin

Morning Update

Breaking News

February 7, 2014

Hackers may have used Pennsylvania company to hit Target

NEW YORK — The hackers who stole millions of customers' credit and debit card numbers from Target may have used a Pittsburgh-area heating and refrigeration business as the back door to get in.

If that was, in fact, how they pulled it off — and investigators appear to be looking at that theory — it illustrates just how vulnerable big corporations have become as they expand and connect their computer networks to other companies to increase convenience and productivity.

Fazio Mechanical Services Inc., a contractor that does business with Target, said in a statement Thursday that it was the victim of a "sophisticated cyberattack operation," just as Target was. It said it is cooperating with the Secret Service and Target to figure out what happened.

The statement came days after Internet security bloggers identified the Sharpsburg, Pa., company as the third-party vendor through which hackers penetrated Target's computer systems.

Target has said it believes hackers broke into its vast network by first infiltrating the computers of one of its vendors. Then the hackers installed malicious software in Target's checkout system for its estimated 1,800 U.S. stores.

Experts believe the thieves gained access during the busy holiday season to about 40 million credit and debit card numbers and the personal information — including names, email addresses, phone numbers and home addresses — of as many as 70 million customers.

Cybersecurity analysts had speculated that Fazio may have remotely monitored heating, cooling and refrigeration systems for Target, which could have provided a possible entry point for the hackers. But Fazio denied that, saying it uses its electronic connection with Target to submit bills and contract proposals.

The new details illustrate what can go wrong with the far-flung computer networks that big companies increasingly rely on.

"Companies really have to look at the risks associated with that," said Ken Stasiak, CEO of SecureState, a Cleveland firm that investigates data breaches. Stasiak said industry regulations require companies to keep corporate operations such as contracts and billing separate from consumer financial information.

Text Only
Breaking News
Featured Ads
More Resources from The Herald Bulletin
AP Video
Traditional African Dishes Teach Healthy Eating The Carbon Trap: US Exports Global Warming 13 Struck by Lightning on Calif. Beach Baseball Hall of Famers Inducted Israel, Hamas Trade Fire Despite Truce in Gaza Italy's Nibali Set to Win First Tour De France Raw: Shipwrecked Concordia Completes Last Voyage Raw: Sea Turtle Hatchlings Emerge From Nest Raw: Massive Dust Storm Covers Phoenix 12-hour Cease-fire in Gaza Fighting Begins Raw: Bolivian Dancers Attempt to Break Record Raw: Israel, Palestine Supporters Rally in US Raw: Air Algerie Flight 5017 Wreckage Virginia Governor Tours Tornado Aftermath Judge Faces Heat Over Offer to Help Migrant Kids Kangaroo Goes Missing in Oklahoma More M17 Bodies Return, Sanctions on Russia Grow Raw: Deadly Tornado Hits Virginia Campground Ohio State Marching Band Chief Fired After Probe Raw: Big Rig Stuck in Illinois Swamp
Parade
Magazine

Click HERE to read all your Parade favorites including Hollywood Wire, Celebrity interviews and photo galleries, Food recipes and cooking tips, Games and lots more.
Hyperlocal Search
Premier Guide
Find a business

Walking Fingers
Maps, Menus, Store hours, Coupons, and more...
Premier Guide
Helium debate
Helium
Front page
Poll

About 70 houses in the city will be demolished with a federal loan initiative administered by the state. How many more houses in the city do you think need to be razed?

At least 70 more
200 to 500 more
1,000
None
     View Results