Target probe eyes overseas hackers; stolen cards for sale online
By Mark Hosenball and Dhanya Skariachan
WASHINGTON (Reuters) - Investigators believe that overseas hackers were responsible for the cyber attack on U.S. retailer Target Corp that compromised up to 40 million payment cards during the first three weeks of the holiday shopping season, a person familiar with the matter said on Friday.
The person, who was not authorized to talk publicly about the matter, declined to say how the hackers got in or where investigators believe they are based, saying investigators don't want to show their hand to the criminals.
Meanwhile the blogger who first broke news of the breach, Brian Krebs, reported that data stolen from Target had begun flooding underground markets that sell stolen credit cards.
KrebsOnSecurity.com reported on Friday that cards stolen from Target were being offered at "card shops" for rates starting at $20 each and going to more than $100.
Target has said that hackers accessed data on up to 40 million payment cards over 19 days through Dec 15 in the second-largest retail breach in U.S. history. It is not known who is behind the attack or how they accessed Target's network.
A Secret Service spokesman declined to comment on the investigation, which the agency is running.
The retailer reported the breach on Thursday, a day after Krebs broke news of the attack. Target has declined to say how its systems were compromised and has provided few other details about the case.
Target sought to reassure customers that it was safe to shop at its stores and encouraged them to do so by offering 10 percent discounts off most merchandise on Saturday and Sunday, the last weekend before Christmas. Continued...