This 17-Year-Old Was Likely Behind the Massive Target Stores Data Heist

The news: According to IntelCrawler, a California-based security firm, a 17-year-old Russian national from St. Petersburg is responsible for creating the programming behind Target’s recent data heist. The firm says the perpetrator wasn't responsible for the security breach, but rather sold the software — an inexpensive "off the shelf" malware known as BlackPOS — to cybercriminals throughout Eastern Europe for $2,000 or for a 50% share from the sales of all intercepted credit cards.

Target's security breach following a Black Friday shopping blitz affected up to 110 million customers, the largest ever in the U.S.

The background: The day before Thanksgiving, a group of criminals gained access to Target’s customer information. They maintained access to the information until December 15, when Target realized there had been a breach.

The cybercriminals accessed 40 million customer names, credit and debit card numbers and security codes. (Online customers were not affected by the breach.) The data was obtained through software installed on machines where customers were swiping their cards, and approximately 1,797 Target stores were affected. Target urged its customers to check their bank statements and make sure all charges were their own.

The hackers had access to customer information for about three weeks, and the total financial damages are still unclear. The Target heist set a new record — the speed with which the hackers were able to access and collect data is unprecedented.

According to the New York Times, there was a "ten- to twenty-fold increase in the number of high-value stolen cards on black market web sites," attributed to the customer information stolen during Target's security breach. (Credit cards are big business on the black market. According to experts, stolen card information is sold in bulk, with cards going for prices anywhere from 25 cents to $100.)

But the real criminals are still out there: Though they have come closer to identifying who wrote the programming behind the attack, the wide ranging network of the cyber black market for credit card information is as pervasive as it is elusive.

"He is still visible for us, but the real bad actors responsible for the past attacks on retailers ... were just his customers,” Dan Clements, the IntelCrawler president, said.


How likely are you to make Mic your go-to news source?

Emily Barasch

Emily is a writer living in New York. Her writing has appeared on theatlantic.com and dowser.org. She graduated from Yale where she was Editor-in-Chief of the Yale Herald.

MORE FROM

These secret wartime tunnels were hidden beneath London for 100 years. Here’s what’s inside.

The passages were once used to shuffle 4 million letters a day.

London police identify Makram Ali, 51, as the man killed in the Finsbury Park mosque attack

Makram Ali, a father of six, died after a van attack on worshippers at a London mosque.

Cladding Similar to Grenfell Tower Could Be on 600 U.K. Buildings, PM's Office Says

Local authorities estimate about 600 buildings across Britain, Scotland, Wales and Northern Ireland have been fitted with the same type of flammable cladding used on Grenfell Tower.

Archbishop apologizes for Church of England's role in hiding years of "systemic" sexual abuse

Ex-bishop Peter Ball admitted in 2015 to abusing 18 young men over two decades.

'Hot Mic' podcast: Tropical Storm Cindy, Housing for Grenfell fire survivors, Uber CEO steps down

The important stories to get you caught up for Thursday.

EPA committee told that "climate change will be de-emphasized" by Trump administration

A key advisory committee has been "totally decimated" ex-members say.

These secret wartime tunnels were hidden beneath London for 100 years. Here’s what’s inside.

The passages were once used to shuffle 4 million letters a day.

London police identify Makram Ali, 51, as the man killed in the Finsbury Park mosque attack

Makram Ali, a father of six, died after a van attack on worshippers at a London mosque.

Cladding Similar to Grenfell Tower Could Be on 600 U.K. Buildings, PM's Office Says

Local authorities estimate about 600 buildings across Britain, Scotland, Wales and Northern Ireland have been fitted with the same type of flammable cladding used on Grenfell Tower.

Archbishop apologizes for Church of England's role in hiding years of "systemic" sexual abuse

Ex-bishop Peter Ball admitted in 2015 to abusing 18 young men over two decades.

'Hot Mic' podcast: Tropical Storm Cindy, Housing for Grenfell fire survivors, Uber CEO steps down

The important stories to get you caught up for Thursday.

EPA committee told that "climate change will be de-emphasized" by Trump administration

A key advisory committee has been "totally decimated" ex-members say.