Target security warned about potential vulnerabilities to attack

Target (NYSE: TGT) computer security personnel may have raised concerns about potential vulnerabilities in the retailer's system in advance of the November 2013 data breach.

At least one computer analyst proposed a thorough review of the system, according to The Wall Street Journal. It isn't known whether the review was conducted, or what the specific fears of the unnamed employee were, but sources told the WSJ that suggestions were "brushed off" in advance of Black Friday and the holiday shopping season.

On Dec. 18, 2013, Target confirmed a data breach. Potentially, between 70 and 110 million customers' information was compromised.

"It is everyone's worst-case scenario," the former employee said. "As an intelligence analyst, there is only so much you can do."

Target declined to confirm or comment on the warning.

What is clear, is that Target did not sufficiently wall off its payments systems from hackers. The breach has now been traced to a contractor: Fazio Mechanical services in Pennsylvania. The HVAC contractor has been confirmed as the source of the breach. Hackers were able to connect to Target's POS system through remote management software.

Target has since accelerated efforts to rollout more secure chip-and-PIN card readers. Target CFO John Mulligan recently urged others to follow suit in a letter to Congress.

But according to new reports, chip-and-PIN cards would have done little to protect Target in this instance. The attack was made on known points of vulnerability and Target and other retailers were alerted to such potential dangers by the government and had seen an increase in the number of malware trying to enter their systems, according to some familiar with the investigation.

For more:
-See this Wall Street Journal story

Related stories:
Target: Timeline of a data breach
Target's data breach is a story with long legs
Target breach: Heating vendor confirmed as hackers' entry point
Target to install chip and PIN card readers, says that only 25 registers were to blame for massive breach
The story of how Target had chip and PIN cards, but failed to keep them