You choose, we deliver
If you are interested in this story, you might be interested in others from The Journal Gazette. Go to www.journalgazette.net/newsletter and pick the subjects you care most about. We'll deliver your customized daily news report at 3 a.m. Fort Wayne time, right to your email.

Business

  • Lakeland has record quarterly earnings
    Lakeland Financial Corp. on Friday reported second-quarter earnings of $11.3 million, or 68 cents per diluted common share, a 22 percent increase over the $9.2 million, or 56 cents a share, poste ...
  • Fast-food workers flexing muscles
    Fast-food workers say they’re prepared to escalate their campaign for higher wages and union representation, starting with a national convention in suburban Chicago where more than 1,000 workers will discuss the future of the
  • Lakeland has record quarterly earnings
    Lakeland Financial Corp. on Friday reported second-quarter earnings of $11.3 million, or 68 cents per diluted common share, a 22 percent increase over the $9.2 million, or 56 cents a share, posted for the same three months of 2013.
Advertisement

Vendor tied to Target hack

Heat contractor may have been thieves’ entry point

– The hackers who stole millions of customers’ credit and debit card numbers from Target may have used a Pittsburgh-area heating and refrigeration business as the back door to get in.

If that was, in fact, how they pulled it off – and investigators appear to be looking at that theory – it illustrates how vulnerable corporations have become as they expand and connect their computer networks to those of other companies to increase convenience and productivity.

Fazio Mechanical Services Inc., a contractor that does business with Target, said in a statement Thursday that it was the victim of a “sophisticated cyberattack operation,” just as Target was. It said it is cooperating with the Secret Service and Target to figure out what happened.

The statement came days after security bloggers identified the Sharpsburg, Pa., firm as the third-party vendor through which hackers penetrated Target’s systems.

Target has said it believes hackers gained access through one of its vendors. Once inside, the hackers installed malicious software in Target’s checkout system for its estimated 1,800 U.S. stores.

Experts believe the thieves gained access during the busy holiday season to about 40 million debit and credit card numbers and the personal information – including names, email addresses, phone numbers and home addresses – of as many as 70 million customers.

Cybersecurity analysts had speculated that Fazio may have remotely monitored heating, cooling and refrigeration systems for Target, which could have provided a possible entry point for the hackers. But Fazio denied that, saying it uses its electronic connection with Target to submit bills and contract proposals.

The new details illustrate what can go wrong with the far-flung computer networks that big companies increasingly rely on.

“Companies really have to look at the risks associated with that,” said Ken Stasiak, CEO of SecureState, which investigates data breaches.

Advertisement