The Target and JPMorgan Chase Breaches of 2013 and 2014

Daswani, Neil; Elbayadi, Moudy

doi:10.1007/978-1-4842-6655-7_8

Neil Daswani³ &
Moudy Elbayadi⁴

1479 Accesses

Abstract

In this chapter, we cover the 2013 Target breach when hackers exfiltrated over 40 million credit card numbers and the JPMorgan Chase (JPMC) breach of 2014 when attackers stole the names and email addresses of over 70 million customers. We cover these two mega-breaches together because, in part, both were caused by third-party compromises. An organization may have to work with many third parties, including developers (as Cambridge Analytica was to Facebook), acquisitions (Marriott acquiring Starwood Hotels), and customers (Dun & Bradstreet providing customers data on businesses). As business models evolve to support more open “platforms,” we can expect to see the reliance on third parties continue to increase, which makes the lessons from this chapter relevant and applicable. In the case of Target and JPMC, both were initially breached through a third-party supplier. The Target and JPMorgan Chase breaches were also significant because they were the first two mega-breaches, in which tens of millions of records were stolen in one shot, that took place starting in 2013 and 2014.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

eBook: USD 24.99; Price excludes VAT (USA)

Softcover Book: USD 16.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
We cannot know for sure if the attack on Fazio Mechanical led attackers to victimize Target or whether Target was the initial mark. In the former case, attackers most likely cast a far and wide net when running an email malware scam to then see what victims look like promising leads. The second scenario is that attackers initially went after Target because it is a large retailer that had publicly exposed plenty of internal documentation.
2.
Note that all of Target’s public vendor pages have been taken down or are now privately hosted since the breach in 2013. Some of the URLs Target previously used are listed as follows. Spot a pattern?
3.
Target’s Supplier Portal: https://extpol.target.com/SupplierPortal/index.html
Target Facilities Management: https://extpol.target.com/SupplierPortal/facilitiesManagement.html
List of Target’s Vendors: https://extpol.target.com/SupplierPortal/downloads.html
4.
Metadata is data that describes other data. For example, when you take a photo with your phone, the picture is saved along with metadata that includes the location where the photo was taken, the settings of the camera when the photo was taken, and the size and resolution of the photo. If you use Google Photos, you can see all this metadata by viewing the details of the photo. In the case of a Microsoft Excel file, metadata can include when the file was created, when it was last edited, and who last edited the file.
5.
An Active Directory is a live directory or database that stores information such as user accounts and other sensitive data. Active directory credentials would authenticate a user to access the said active directory.
6.
Aorato’s analysis of the breach matches with details of the breach provided by Krebs on Security insider sources.
7.
Source: http://krebsonsecurity.com/wp-content/uploads/2014/01/POSWDS-ThreatExpert-Report.pdf
8.
Source: www.reuters.com/article/target-breach/target-says-it-declined-to-act-on-early-alert-of-cyber-breach-idINDEEA2C0LV20140313
9.
Source: https://krebsonsecurity.com/2015/09/inside-target-corp-days-after-2013-breach/
10.
https://blogs.gartner.com/avivah-litan/2014/01/20/how-pci-failed-target-and-u-s-consumers/#:~:text=Target%20and%20other%20breached%20entities,didn’t%20stop%20their%20breaches
11.
Source: www.usatoday.com/story/money/2015/03/19/target-breach-settlement-details/25012949/
12.
Source: https://corporate.target.com/article/2014/04/updates-on-target-s-security-and-technology-enhanc
13.
A website certificate verifies the identity of a website to its visitors. A valid website certificate also allows for a secure transfer of data between a website visitor and the website. Data is securely transferred using the HTTPS protocol, which you will see at the beginning of your URLs.
14.
Two-factor authentication requires a user to authenticate themselves with not only their username and password but also a one-time second verification code. This could be a text message with a six-digit code or a notification on a trusted device that requires a user to click a button.

Author information

Authors and Affiliations

Pleasanton, CA, USA
Neil Daswani
Carlsbad, CA, USA
Moudy Elbayadi

Authors

Neil Daswani
View author publications
You can also search for this author in PubMed Google Scholar
Moudy Elbayadi
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Daswani, N., Elbayadi, M. (2021). The Target and JPMorgan Chase Breaches of 2013 and 2014. In: Big Breaches. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6655-7_8

Download citation

DOI: https://doi.org/10.1007/978-1-4842-6655-7_8
Published: 25 February 2021
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-6654-0
Online ISBN: 978-1-4842-6655-7
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)

Publish with us

Policies and ethics