Since the initial confirmation of the data breach, Target has shared that there has been an active investigation. During that time, we’ve taken significant actions to further strengthen security across the network. Some of these enhancements include:
Enhancing monitoring and logging
We’ve implemented additional rules, alerts, centralized log feeds and enabled additional logging capabilities.
Installation of application whitelisting point-of-sale systems
This includes deployment to all registers, point-of-sale servers and development of whitelisting rules.
Implementation of enhanced segmentation
We’ve developed of point-of-sale management tools, reviewed and streamlined network firewall rules and developed a comprehensive firewall governance process.
Reviewing and limiting vendor access
We’ve decommissioned vendor access to the server impacted in the breach and disabled select vendor access points including FTP and telnet protocols.
Enhanced security of accounts
We coordinated a reset of 445,000 Target team member and contractor passwords, broadened the use of two-factor authentication, expanded password vaults, disabled multiple vendor accounts, reduced privileges for certain accounts, and developed additional training related to password rotation.
Visit Target.com/databreach to learn more about our information technology transformation.