Target's big security breach during the 2013 holiday shopping season may have started in an email "phishing" attack.
Fazio Mechanical Services, the company that handles Target's customer information security, released a statement explaining why the company's data was compromised:
We cannot comment on the on-going federal investigation into the technical causes of the breach, we want to clarify important facts relating to this matter:
•Fazio Mechanical does not perform remote monitoring or control of heating, cooling or refrigeration systems for Target.
•Our data connection with Target was exclusively for electronic billing, contract submission and project management, and Target is the only customer for whom we manage these processes on a remote basis. No other customers have been affected
by the breach.
•Our IT system and security measures are in full compliance with industry practices.
•Fazio Mechanical is not the subject of the federal investigation
Like Target, we are a victim of a sophisticated cyber attack operation. We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive remedies to enhance the security of client/vendor connections make them less vulnerable to future breaches.
CBS News reports as many as 110 million s of Target shoppers were victims of the data and credit-card hack. The information released by Fazio Mechanical Services does not prove a phising attack, which allegedly allowed access to Target's systems.
"In a typical phishing attack, fraudsters try to lure people into divulging passwords, credit card details and other confidential information by sending them an email that appears to be from a legitimate organization, such as a bank or retailer," CBS reports. "Messages may also include a link that, if the recipient clicks on it, unleashes a computer virus that secretly collects data."
Many banks shut down the accounts of those who shopped at Target during the cyber attack, sending replacement cards to their customers. Target has yet to release a statement commenting on Fazio Mechanical Services explanation.