This has been a big year for large data breaches. Earlier this year, Adobe suffered a major data breach affecting 38 million active customer accounts, some of which contained credit and debit information (there were 150 million records breached, but only 38 million had a password associated). Potentially more damaging is the breach of source code for Adobe products. It's not an understatement to list the Adobe hack as one of the worst in US history:
"I would characterize the breach as one of the worst in U.S. history,” Holden said, "because the source code of an end user product such as Adobe Reader and Adobe Publisher was breached and leaked. This allows additional attack vectors to be discovered and viruses to be written for which there are no defenses.
This gang is sophisticated and some new things may follow, I’m sure. The source code leaks and attacks sourced from this situation may be devastating."
Earlier this year, LivingSocial was hacked, exposing access to 50 million users. Evernote also experienced a hack affecting 50 million users. And today we find out that Target has also been hacked, affecting as many as 40 million shoppers.
The Target hack affects shoppers who went to the retailer in the 3 weeks after Thanksgiving. The breach involves credit and debit records. It's not clear the source of the hack, but it is suspected that the point-of-sale system was breached via malware or on route to the credit card processors. The "track data" stolen allows thieves to create counterfeit cards, while the PIN data collected could allow them to withdraw cash as well. Given the specificity of the attack, on financial information, there is a good chance the thieves will use the data maliciously. Target has provided details on the breach here.